Ransomware actors behind the PLEASE_READ_ME attack have breached at least 85,000 servers worldwide. The attack exploits weak credentials on internet-facing MySQL servers, of which there are close to 5 million. The ransom note demands a ransom payment of up to 0.08 BTC. The website lists 250,000 different databases from 83,000 compromised servers, with 7 TB of stolen data. Researchers believe that the attackers behind this campaign have made at least $25,000 in the first 10 months of the year.
Source: https://threatpost.com/please_read_me-ransomware-mysql-servers/162136/