A ransomware group called Sarcoma has claimed responsibility for a cyberattack on Manchester Credit Union (MCU) in the UK.
The credit union reported technical issues with its payment system earlier this month but described the incident as a “failed ransomware attack,” saying no customer data was compromised.
Although MCU said no ransom demand was received, Sarcoma has listed the firm on its leak site and threatened to auction stolen data if payment isn’t made. The bad actors wiped some servers, causing two days of downtime for 21 employees, complicating forensic investigations.
Sarcoma, active since October 2024, has been linked to 14 confirmed ransomware attacks globally, mainly targeting financial institutions.
Manchester Credit Union, founded in 1991, serves over 32,000 members across the region
A Relatively New Scourge
Rebecca Moody, Head of Data Research at Comparitech, says Sarcoma is a relatively new ransomware group that began claiming responsibility for attacks in October 2024. “Its initial attack vectors including phishing emails and vulnerability exploits.”
She says over and above the 14 confirmed ransomware attacks Sarcoma has owned up to, there are another 78 unconfirmed claims that haven’t been acknowledged by the attacked entities. This year, its only other confirmed attack to date was against Unimicron Technology in Shenzhen, China.
“In 2024, Sarcoma hit two other finance companies: Advanced Accounting & Business Advisory in New Zealand, and Popular Life Insurance Company in Bangladesh,” she says.
“Ransomware attacks on finance businesses can steal data and lock down computer systems. Businesses must then pay a ransom or face data loss, extended downtime, and putting data subjects at increased risk of fraud.”
In 2025 so far, Moody says Comparitech researchers logged 16 confirmed ransomware attacks on finance companies worldwide. Another 138 unconfirmed claims haven’t been acknowledged by the targeted firms.
Information Security Buzz News Editor
Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.