Ransomware bandits attacking arts orgs

Wednesday 27th July, 2022 - Bruce Sterling

*Look out for poisoned email.



A ransomware gang has not only taken down WordFly, a mailing list provider for top arts organizations among others, but also siphoned data belonging to the US-based Smithsonian, Canada’s Toronto Symphony Orchestra, and the Courtauld Institute of Art in London.

As of right now, WordFly’s main website is unavailable, and has been offline for the past two weeks. “Please plan accordingly if you need to send email before Aug. 1,” the firm advised on a separate site. WordFly is one of those companies that takes care of sending out mass emails, typically marketing messages, to customers who sign up for said bumf.

In an update about the ongoing outage, WordFly exec Kirk Bentley said the outfit’s engineering team discovered a network disruption on July 10. “The incident was propagated by a bad actor who conducted a ransomware attack on WordFly, resulting in the encryption of the WordFly application,” he wrotein a support note.

During said attack, miscreants stole customers’ email addresses and “other data” used by those organizations to communicate with their fans via WordFly. “At this time, we believe that the exported data was not sensitive in nature and largely consisted of names and email addresses,” Bentley added….