A synagogue in New Jersey has informed its congregation that it had its network breached due to a ransomware attack.
In an email sent to its congregation, Temple Har Shalom stated that it had detected the ransomware attack on January 9 after staff had issues connecting to the internet.
The ransomware had encrypted the Temple’s files and other computers on the network, to which a ransom note was left behind. The ransomware family behind the attack was Sodinokibi.
“The encryption affected all of our server-based files and electronic data. We have a mechanical back up for those files and data, but the back-up was encrypted as well. Certain computers were affected in full. Others were unaffected and remain functional,” the email read.
A source told BleepingComputer that the threat actors behind Sodinokibi are demanding almost $500,000.
It appears Temple Har Shalom have no intention of paying the ransom as they plan to contact congregation members for information needed to recreate the encrypted files.
Only last week it was uncovered that Sodinokibi are utilising a new tactic whereby files are stolen from organisations before encrypting them, to which if the victim refuses to pay the stolen data is slowly leaked until the ransom has been paid. Thus concerns arise on whether threat actors may have gained access to the personal data of congregants.
“Beyond names, addresses and e-mail addresses of congregants, because of the way we segregate our files, we do not believe that confidential personal membership information (such as financial information) was accessed,” the email said.
Congregation members should look out for phishing emails using their personal information.
“The attack is violative of us as a community, though we have no reason to believe that we were targeted because we are a Jewish organization.”
The post #Privacy: New Jersey synagogue suffers ransomware attack appeared first on PrivSec Report.