Cybercriminals are not idling by and in a span of few days have attacked Polish municipal offices in Lututów, Kościerzyna, as well as the Budzik clinic, which has also become a victim.

In the Lututów commune, data encompassing liabilities for municipal waste, water and rent were encrypted. The commune issued a statement in which it informed that in the case of payment of liabilities to the commune, it would not be possible to obtain the information on the amount of arrears. The cybercriminal demands a ransom of $6,000 for decrypting the data. The head of the commune has notified the police about the incident.

In the case of the Kościerzyna commune, the head of the commune has turned to CSIRT NASK and an external company for help in decrypting the data. Kaspersky has decrypted the files.

A week before the attack the Budzik clinic has received an email with information about the unpaid invoice, along with a link. After encrypting the data, the clinic received an email from Spain, in which an offer to unlock the system for PLN 30,000 was made. According to the press reports, as a result of data encryption, the clinic’s employees were not able to submit a monthly report for November to the NFZ, which could have resulted in it cutting the funding. According to the AVLAB, CERT Polska has been able to develop a publically available decryptor for the Kościerzyna commune, which can be also used by Budzik clinic.