Cancer Services of East Central Indiana - Little Red Door in Muncie was hacked Jan. 11 by hackers demanding a ransom of 50 bitcoins, or about $43,000, for access to its data. The cancer services agency will replace and rebuild its data to prevent further attacks. Little Red Door East Central Indiana // Photo Courtesy
Indiana cancer agency server hacked, held for ransom
MUNCIE, Ind. (AP) — An Indiana cancer services agency says it will replace and rebuild its data after a computer hack demanding a ransom.
Cancer Services of East Central Indiana-Little Red Door in Muncie was hacked Jan. 11 around and the international cyberterrorism organization's hackers demanded a ransom of 50 bitcoins, or about $43,000, for access to its data.
According to a press release sent out by executive director Aimee Fant, the self-identified dark web organization issued threats of exertions and also threatened to contact family members of living and deceased cancer clients, donors and community partners.
Questions nonprofits should ask about protecting its data:
- Do you have a server? If so, why do you have a server?
- Do you have an adequate backup?
- Has your staff been trained on ransomware?
- Do we have adequate active prevention of these attacks in place?
Questions provided by Michael Wolfe, vice president and chief technology officer of Ontario Systems, a software company based in Muncie, Indiana. To learn more about nonprofit cyber protection, click here.
Fant and the board of directors took immediate action after the threat was issued and has been working with the FBI in response to the attack.
Most of the agency’s data is in cloud storage and it will replace its server with a secure, cloud-based system. Fanta said in a press release that the cancer agency "will not pay a ransom when all funds raised must instead go to serving families, all stage cancer clients, late stage care/hospice support and preventative screenings."
According to a press release, Cancer Services has been consulting with IT firms and law enforcement to preserve the safety and security of those who receive cancer care services and the agency "extends its immense gratitude to all who have helped in its efforts to gain control of the ransom attack and sincerely apologizes for any inconvenience and distress experienced on account of this act of cyberterrorism."
The agency will be back up and running at full capacity by the end of the week.
The incident was the second ransom attack in less than three months. Madison County officials paid a ransom of $21,000 to unlock data encrusted by unknown hackers, The Herald Bulletin reported.
The county has since decided to store its information at two off-site locations in order to prevent future attacks.