Canadian non-profit hit by malware gets help — from the threat actor
Good Shepherd Centres in Canada recently disclosed a breach involving protected health information that occurred on September, 27, 2020.
On June 29, Good Shepherd posted a statement that explains that it had been the victim of an attempt to shut down its systems, but that the attacker(s) “quickly facilitated restoration after realizing that Good Shepherd is a non-profit.”
“The intruder may have obtained a copy of some personal information, but provided evidence that any information taken was then destroyed,” they also write.
But that’s where things wound up becoming even more complicated, as the centre could not determine whose information had ever been exfiltrated and who needed to be notified, other than being able to determine that the donor database had not been involved.
Without specific knowledge of whom to notify, the center issued a public notice, reproduced below.
The notice does not identify which threat actor or type of ransomware was involved, and the incident was reported to law enforcement, but it’s nice to see a threat actor try to undo any harm it might have caused.2021-06-28-Notice-for-Cyber-Security-Website-Posting2