RansomHub attacks Skyway Coach Lines and Shuttle Services

Incident Date:

April 8, 2024

World map



RansomHub attacks Skyway Coach Lines and Shuttle Services


Skyway Coach Lines and Shuttle Services




East Markham, Canada

Ontario, Canada

First Reported

April 8, 2024

The RansomHub Ransomware Gang Targets Skyway Coach Lines and Shuttle Services

The RansomHub ransomware gang has added Skyway Coach Lines and Shuttle Services to its list of victims. No other information is available. Skyway Coach Lines and Shuttle Services is a Toronto-based coach line and airport shuttle provider. It offers a complete range of transportation solutions and services and caters to group travel of all types and sizes, from scenic tours to social excursions to business travel.

About RansomHub

RansomHub is a relatively new ransomware-as-a-service operation whose darknet site features an Index page where all its victims are listed, as well as About and Contact pages. The group claims to be a team of hackers from around the world, motivated by one thing – financial gain. However, the gang does say that it does not allow attacks against certain targets, including CIS, Cuba, North Korea, and China.

RansomHub's Rules

The group also lists a few general rules that it follows and rules for its affiliates. RansomHub does not allow non-profit organizations to be targeted or re-attacked; in other words, it prohibits follow-up attacks on victims who have already paid.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.