On August 12, 2021, the Organization was the subject of a ransomware attack. It is believed that the attacker gained access to the environment via brute force attack against public facing ports. The incident was discovered the following day, August 13, 2021, when one of the Organization’s managers attempted to log in to their computer. A ransom demand was also found. In its January 25, 2022 update, the Organization confirmed that “the threat actor obtained approximately 1% to 3% of its data” and that the “possibility of data exfiltration cannot be ruled out” In a recent update, the Organization again advised that “since [Organization] has such a low bandwidth Internet connection, the threat actor was able to download only a small percentage of the [Organization’s] overall data, in the range of 1 to 3%.” The Organization also reported that “the disclosed data has not been released into the public domain.”
P2022-ND-060
File Type:
pdf
File Size:
765 KB
Categories:
2022