A notorious ransomware gang has targeted Easterseals, a prominent nonprofit organization dedicated to supporting disabled individuals. The Rhysida group has demanded a staggering $1.3 million from the organization, which serves over 1.5 million people across the United States.
Key Takeaways
- Rhysida ransomware group demands 20 bitcoin from Easterseals by October 30.
- The cyberattack compromised personal information of nearly 15,000 individuals.
- Easterseals is implementing enhanced security measures following the breach.
Overview of Easterseals
Easterseals is one of the oldest disability-focused organizations in the U.S., providing essential services to disabled children, seniors, military veterans, and others in need. The organization prides itself on allocating over 80% of its fundraising directly to care for the disabled, making this attack particularly devastating.
Details of the Cyberattack
The cyberattack occurred on April 1, leading to a significant disruption in the organization’s network functionality. Although Easterseals did not initially disclose the involvement of the Rhysida group, the hackers claimed responsibility for the breach this week.
Upon discovering the incident, Easterseals took immediate action by disconnecting all network access and engaging a specialized cybersecurity firm to conduct a thorough forensic investigation. This investigation revealed that unauthorized actors accessed sensitive files, including personal information of individuals associated with the organization.
Impact on Individuals
The breach has affected 14,855 individuals, with hackers accessing:
- Full names
- Addresses
- Driver’s license numbers
- Social Security numbers
- Medical and health information
- Passport details
In response to the breach, Easterseals is offering 12 months of identity protection services to the affected individuals. The organization is also enhancing its security protocols by implementing endpoint security software, utilizing cloud-based servers, and adopting credential hardening tools such as multifactor authentication.
Ransom Demand and Previous Attacks
The Rhysida ransomware group has posted Easterseals on its leak site, demanding a ransom of 20 bitcoin by October 30. This group has a history of targeting healthcare organizations, having previously attacked notable institutions such as The Ann & Robert H. Lurie Children’s Hospital of Chicago and various hospitals operated by Prospect Medical Holdings.
In addition to these attacks, Rhysida has also targeted the World Council of Churches and systems used by the Port of Seattle and the city of Columbus, Ohio, showcasing a troubling trend of cybercriminals exploiting vulnerable organizations.
Conclusion
The attack on Easterseals highlights the growing threat of ransomware attacks on nonprofits, particularly those serving vulnerable populations. As organizations like Easterseals work to recover from such incidents, the need for robust cybersecurity measures has never been more critical. The ongoing situation serves as a stark reminder of the importance of safeguarding sensitive information in an increasingly digital world.
Sources
- Ransomware gang stoops to new low, targets prominent nonprofit for disabled people, The Record from Recorded Future News.
