Massachusetts Nonprofit Shelter Targeted by Ransomware

Father Bill's and MainSpring, a Brockton-based nonprofit homeless shelter, announced this week that it had been attacked by ransomware in April. Officials say they do not believe that personal information was stolen.

by Marc Larocque, The Enterprise, Brockton, Mass. / June 28, 2019
Shutterstock/JMiks

(TNS) — The nonprofit that runs the downtown homeless shelter was a target in a ransomware attack, which is a type of computer virus that encrypts user data, demanding ransom payments in return for access.

Father Bill's and MainSpring announced on Tuesday that it was attacked by a ransomware virus on April 11.

But the Brockton-based nonprofit said that it does not believe anyone's personal information was accessed or stolen. John Yazwinski, president & CEO of Father Bill's, said an anti-virus software used by the nonprofit was able to stop the ransomware attack in its tracks, without locking up any of the office computers or causing them to seize.

"There was no evidence that anything left the premise," Yazwinski said. "It was detected and blocked in less than 30 seconds. There was no exposure. We were able to restore all the files. We have no evidence to believe the files were compromised in any way."

Yazwinski said Father Bill's reported the incident to the office of Massachusetts Attorney General Maura Healey. The nonprofit also published a legal notice about the incident in Tuesday's print edition of The Enterprise.

"We've gone through all the proper procedures with a breach through AG's office, and have done everything we need to do that's required by the state to let people know," Yazwinski said. "We're just being very proactive. We're working with the AG's office very closely."

One of those procedures was to mail notification letters to people with social security numbers that are stored in the agency's computer system, although current addresses were unknown for 30 percent of those individuals, according to Father Bill's. Yazwinski said the nonprofit tried to reach out to around 1,000 people about the incident.

Yazwinski said the malware did not not derail the staff's work at the office in Brockton. The organization's IT experts were able to determine that it was safe to continue work after shutting down the network and evaluating the situation, he said.

"We were able to disable all access to data and network drive," Yazwinski said. "We definitely shut down the system as they went through and searched everything. There was minimal disruption."

The news about a ransomware attack targeting Father Bill's comes as cities throughout the country have been suffering at the hands of hackers behind a recent spate of ransomware attacks.

Recently, Baltimore and two cities in Florida were hit by ransomware, costing millions of dollars to recover and restore their computer systems. Lake City, Florida officials said they are paying hackers up to $450,000 in bitcoin cryptocurrency to regain access to the city's computer system. Riviera Beach, Florida announced that it would pay around $600,000 to hackers to recover from a ransomware attack. And in Baltimore, the city's budget office estimated the cost of recovering from a ransomware attack that took place around seven weeks ago is at least $18 million.

Atlanta was also hit by a ransomware in March 2018, costing the city $7.2 million, including a $52,000 ransom demand, according to testimony to Congress on Tuesday from Mayor Keisha Bottoms.

In 2017, a ransomware attack named "WannaCry" caused problems across the globe, later blamed on North Korea by officials from the United States, United Kingdom and Australia. Cyence, a cyber risk modeling firm, estimated the potential damages from the wave of hacks to come out to around $4 billion, while other organizations said the loss would amount to hundreds of millions of dollars to companies, nonprofits and governments around the world.

©2019 The Enterprise, Brockton, Mass. Distributed by Tribune Content Agency, LLC.

Platforms & Programs