Following its recent attack against Costa Rica, the Conti ransomware group has reportedly ceased operations, according to BleepingComputer.
Conti had already turned off its internal infrastructure even though its ransom negotiation and data leak sites continue to be online, while rocket chat servers are in the decommissioning process, said Advanced Intel's Yelisey Boguslavskiy in a tweet.
Boguslavskiy also noted that the attack on Costa Rica was only a front to the continued operations of Conti as its members began transferring to smaller ransomware operations.
"The only goal Conti had wanted to meet with this final attack was to use the platform as a tool of publicity, performing their own death and subsequent rebirth in the most plausible way it could have been conceived," said Advanced Intel in a report.
Despite the dismantling of Conti, the ransomware gang has teamed up with the AvosLocker, BlackByte, BlackCat, HelloKitty, and Hive ransomware operations to ensure continued attacks, the report found.
Mailing vendor OneTouchPoint informed 30 health plans their patient data was accessed during a ransomware attack; now 326,278 Aetna members have been added to the tally. The incident leads this week’s healthcare data breach roundup.