TRB’s Registration Database Hacked in Vendor’s Ransomware Attack
Transport Topics reports:
The Transportation Research Board’s annual meeting registration services database was compromised in March by cybercriminals in a ransomware attack, the organization announced April 28.
“As a result of the attack, personal information for those who registered for TRB annual meetings from 2015-2021, may have been exposed and obtained in the attack,” TRB said in an email to all conference registrants since 2015.
The vendor, J. Spargo & Associates Inc., based in Fairfax, Va., alerted TRB to the hack on March 14, TRB said.
Read more on Transport Topics.
Spargo’s site indicates that they manage more than 120 events each year.
The attack on Spargo was previously reported in news by Sean Lyngaas on CyberScoop on March 23 after the Armed Forces Communications and Electronics Association (AFCEA) had notified their members of the breach.
On March 22, Spargo had posted an updated notice on their web site revealng that the attack, discovered on March 14, involved a variant of Sodinokibi ransomware. It appears that the firm opted to pay the ransom to get a decryption key:
As a result of the cyberattack, the majority of our servers and files were encrypted, and our backups were unusable. Utilizing a third-party investigation firm, we obtained a decryption key from the attackers and the decryption of our system is ongoing.
Potentially exposed information — or at least their assessment of portentially exposed information as of March 22 — included:
- Email address
- Phone number
- Fax number
- Job Title
- Organizational Affiliation
It is not clear why it took the TRB until April 28 to notify their members when they had been notified by Spargo on March 14.