• Crozekiel
    link
    fedilink
    arrow-up
    3
    ·
    1 year ago

    Our hr had an unsecured excel file with every employees private personal information like emergency contacts, address, social security number, etc… And it got “got” by a ransomware attack because people still open email attachments blindly…

    • Soulfulginger@lemmy.world
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      Well at least if it was ransomware, the information was still probably safe. Ransomware blocks the company’s access to company files by either locking the system or encrypting the files. It usually remains locked until the company agrees to pay a large fee to unlock it. So they may have lost access to that file, but the information isn’t stolen, it’s just unusable

      • Crozekiel
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        Probably, but the message said if the company didn’t pay the data would be “auctioned off on the dark web.”…

        I dunno the liklihood of that actually happening but I don’t see why it wouldn’t be possible… After all, they have the key to decrypt it and no reason to assume they didn’t also have the files… Something was hitting cpu and network usage to 100% for several days across several locations… It was a bad time. It’s probably more likely a feint to just install crypto bs on servers while IT is distracted, but still I have no reason to believe it wasn’t possible.