HQ/EMEAFind out how we can help your business
The Play ransomware group claimed responsibility for the recent attack against Belgium’s Antwerp last week. Antwerp is one of the biggest cities in Belgium, home to more than half a million people. The landmass of this affected city is just second to the entire mainland of Belgium’s capital, Brussels.
Based on reports, the IT company responsible for managing the Belgian city’s Information Technology (IT) systems suffered a ransomware attack last week. The attack has crippled Antwerp’s phone, email, and IT services.
Local news reported that numerous Windows applications within the city were no longer accessible. In addition, a city council member posted on a social media platform that email was only available for some living in Antwerp.
The ransomware attack also affected several services offered by the city, such as libraries and new agreements with the city. Job seekers were also heavily impacted by the incident since there were delays in job applications.
The Play ransomware operation claimed the attack even though the local media reported that the city was unsure of the culprits of the disruption.
Local media in Antwerp had confirmed that the cyberattack was ransomware, but they did not know who the culprits were until the Play ransomware claimed it. Researchers proved the group’s claim after a study identified Antwerp on the date leak list of the group.
The Antwerp entry on the data leak website listed 557 gigabytes of stolen information during the disruption. The stolen data includes personal information, financial documents, IDs, and passports.
The threat actors have yet to leak the stolen data, but they indicated they would start exposing the information in a week unless the city provides a ransom.
The Play ransomware group is a newly emerged operation which started in June this year. The group initially targeted the Argentine Judiciary, which became its most significant cyberattack operation to this date.
As of now, the Play operators have drastically increased their victims and targeted landscape globally. Therefore, researchers should take note of this malicious entity.
