Play Ransomware Gang Attack A Spanish Bank

One of Spain’s largest banking institutions, Globalcaja,  has been hit by a ransomware attack affecting multiple branches. The attack is understood to have been carried out by the Play ransomware group, also known as PlayCrypt. The ransomware’s name is derived from its behaviour, as it adds the extension “.play” after encrypting files. Its ransom note also contains the single word, “PLAY,” along with the ransomware group’s contact email address. 

The ransomware gang is claiming Globalcaja is one of its latest victims and says it has gained access to both private and personal data, as well as numerous client and employee documents. Passport information and confidential contracts were also noted amongst the list of data seized during the incident. The bank has not confirmed that it has paid any ransom.

Globalcaja has nearly half a million customers and the bank provides a wide range of services. It manages a substantial portfolio of consumer loans, totalling over $4.6 billion, and employs approximately 1,000 people. The bank said that it "activated security” protocols designed to mitigate the impact of a potential breach. “From the very beginning, at Globalcaja we activated the security protocols created for this purpose, which led us to disable some office posts and temporarily limit the performance of some operations,” said the bank.  “We continue to work hard to finish normalising the situation and are analysing what happened, prioritising security at all times.”

This attack is the latest in a number of high-profile attacks conducted by the ransomware group, which has become more widely known following a series of high-profile attacks last year.

Play ransomware was used to attack the German hotel chain, H-Hotels and the State of New York Polytechnic college in 2022. This group also hit organisations across Latin America and has a track record of deploying attacks on companies operating in India, Hungary, the Netherlands, and Spain. 

Spanish financial institutions have been a hacking target for a long time, but the country has been dealing with more ransomware incidents in 2023, with one attack hitting a Barcelona hospital crippling a and another bringing down a Spanish fun park company.

Avertium:     Trend Micro:     The Record:     Computing:    Cybernews:    Bleepimg Computer:      ITPro:

You Might Also Read:

Top Six Cyber Secure Countries:
___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 


Cyber Security Intelligence: Captured Organised & Accessible


 

« XDR vs. SIEM: Do You Need One or Both?
To Succeed With Zero Trust, First Define Success »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

L3Harris United Kingdom

L3Harris United Kingdom

L3Harris UK (formerly L3 TRL Technology) designs and delivers advanced electronic warfare and cyber security solutions for the protection of people, infrastructure and assets.

Paramount Computer Systems

Paramount Computer Systems

Paramount is a regional leader in the Middle East for cybersecurity solutions and consulting services.

Certego

Certego

Certego is a company of the VEM Sistemi Group specialised in providing managed computer security services and to combat Cyber Crime.

G DATA CyberDefense

G DATA CyberDefense

G Data developed the world's first antivirus software. We now ensure the security of small, large and medium-sized companies all over the world.

Samoby

Samoby

Samoby provide a subscription solution for Mobile Threat Protection and usage control on Android and iOS devices.

National Health Care Anti-Fraud Association (NHCAA) - USA

National Health Care Anti-Fraud Association (NHCAA) - USA

National Health Care Anti-Fraud Association is the leading national organization focused exclusively on the fight against health care fraud.

CYBER.ORG

CYBER.ORG

CYBER.ORG's goal is to empower educators as they prepare the next generation to succeed in the cyber workforce of tomorrow.

DMARC360

DMARC360

DMARC360 analyzes your email traffic patterns and sources, rapidly deploys email authentication protocols and monitors your email domains with automated recommendations and incident response.

ImmuniWeb

ImmuniWeb

We Simplify, Accelerate and Reduce Costs of Security Testing, Protection and Compliance.

SpiderOak

SpiderOak

SpiderOak's portfolio of Secure Communication & Collaboration products ensure the confidentiality, integrity, and availability of your most sensitive data in any environment.

Spera Security

Spera Security

Spera helps identity security professionals effectively and confidently measure, prioritize and reduce identity risk to better protect the organization from identity-based attacks.

Entech

Entech

Entech is a managed IT service provider. We work behind the scenes on your network to ensure data security and integrity.

ARGOS Cloud Security

ARGOS Cloud Security

ARGOS aims to simplify and strengthen cloud security, by creating a visual map of security vulnerabilities, to your priceless information stored in any cloud provider environment.

CESAR

CESAR

CESAR is one of the premier R+D and innovation centers in Brazil and a designated Cybersecurity Competence Center.

Cribl

Cribl

Cribl, the Data Engine for IT and Security, empowers organizations to transform their data strategy.

Fusion5

Fusion5

Fusion5 is a leading ANZ Business Services and IT Solutions provider. Our customers trust us to make their potential reality by providing advisory, IT project deployment, and managed services.