Brazil's Tribunal de Justiça do Estado do the Rio Grande do Sul was targeted by the REvil ransomware group.
The attackers encrypted employees' files and left all the documents and images inaccessible and even left a note for the court demanding a $5,000,000 ransom.
The court shut down its network to contain the attack and asked its employees not to log in to the TJ network's systems
TPRM report: https://scoringcyber.rankiteo.com/company/justi%C3%A7a-federal-do-rio-grande-do-sul
"id": "fed231318322",
"linkid": "justi%C3%A7a-federal-do-rio-grande-do-sul",
"type": "Ransomware",
"date": "04/2021",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of a geographical region"{'affected_entities': [{'industry': 'Judiciary',
'location': 'Rio Grande do Sul, Brazil',
'name': 'Tribunal de Justiça do Estado do Rio Grande '
'do Sul',
'type': 'Government'}],
'data_breach': {'data_encryption': 'Yes',
'file_types_exposed': ['Documents', 'Images'],
'type_of_data_compromised': ["Employees' files",
'Documents',
'Images']},
'description': "Brazil's Tribunal de Justiça do Estado do Rio Grande do Sul "
'was targeted by the REvil ransomware group. The attackers '
"encrypted employees' files and left all the documents and "
'images inaccessible, demanding a $5,000,000 ransom. The court '
'shut down its network to contain the attack and asked its '
"employees not to log in to the TJ network's systems.",
'impact': {'data_compromised': ["Employees' files", 'Documents', 'Images'],
'operational_impact': 'Network shutdown',
'systems_affected': ["TJ network's systems"]},
'motivation': 'Financial',
'ransomware': {'data_encryption': 'Yes',
'ransom_demanded': 5000000,
'ransomware_strain': 'REvil'},
'response': {'containment_measures': 'Network shutdown'},
'threat_actor': 'REvil',
'title': 'Ransomware Attack on Tribunal de Justiça do Estado do Rio Grande do '
'Sul',
'type': 'Ransomware'}