The Play ransomware operation has claimed accountability for a current cyberattack on the Belgium metropolis of Antwerp.

Final week, Digipolis, the IT firm liable for managing Antwerp’s IT programs, suffered a ransomware assault that disrupted the town’s IT, e-mail, and telephone providers.

Native media reported that lots of the metropolis’s Home windows functions had been not out there, and Metropolis council member Alexandra d’Archambeau publicly tweeted that e-mail was not out there.

The disruption continues with the city warning that the majority providers are unavailable or considerably delayed, together with job functions, use of libraries, and new agreements with the town.

Play ransomware claims assault

Whereas native media had confirmed that ransomware was behind the assault, it was unclear what operation attacked the town.

Over the weekend, Emsisoft risk analyst Brett Callow noticed that the Play ransomware operation began itemizing Antwerp as certainly one of its victims.

This Antwerp entry on the info leak website claims that 557 GB of information was stolen in the course of the assault, together with private info, passports, IDs, and monetary paperwork.

Nonetheless, information from the town has but to be leaked, with the risk actors indicating they may start publishing information in every week until a ransom is paid.

Play ransomware is a comparatively new operation, launched in June 2022 when victims started describing their assaults within the BleepingComputer forums.

Quickly after, the ransomware gang targeted Argentina’s Judiciary of Córdoba, in what was their most vital recognized assault.

Since then, the ransomware operation has slowly grown, amassing a gradual stream of victims worldwide.