Indiana Accounting Firm Struck by Ransomware Attack

Media Division | August 17, 2017

As we just wrote about yesterday, ransomware is one of the most prominent forms of cyber attacks that continue to be employed. It can be quite simple for attackers to formulate ransomware, and it is also quite easy for them to infect the systems of individuals and organizations through phishing methods. Phishing can come in a number of different forms, but it is not the only method that attackers use to inject ransomware and other threats into systems. In yet another ransomware incident, the accounting firm Whitinger & Company in Indiana had their systems infected, and it also potentially resulted in a data breach of client information.

How Whitinger & Company Discovered and Handled the Incident

Whitinger & Company has two offices in Indiana, and they provide several different services, such as taxes, accounting, financial advisement, estate planning, and fraud detection. They had suffered a ransomware attack which locked them out of a number of files within their system, though reports do not seem to specify as to what files were affected in the incident. The perpetrator of the attack appears to have accessed their systems between January 29th and March 3rd. Upon discovering the infection, the accounting firm had hired cyber forensics experts to investigate and trace the perpetrator, though there does not seem to be any information as far as to whether they were successful in the latter. Once they had investigated the incident further and determined who was affected, the company then sent letters on July 18th to notify potentially affected clients. In response to the incident, the firm is offering free credit monitoring and identity protection services for two years to those potentially impacted. They have also set up a hotline to call with any questions, as well as provided advice to affected clients on how to better protect themselves against fraud and identity theft.

Breaches of any organization that deals with financial data and transactions can be extremely detrimental. Attackers can potentially gain access to bank account and card information and in some cases even Social Security numbers. All of this data can, of course, be used for a multitude of malicious purposes. One of the difficult aspects of this kind of data theft is that attackers do not always use the stolen information right away. They may use card data quickly, being that they want to use it before the cards are canceled. But, with data like bank accounts and Social Security numbers, they may hold onto it for a while before employing it. This means that those whose information is stolen often have to remain vigilant about fraudulent activity for quite some time.

Addressing a Cyber Incident with Data Breach Solutions

When an organization of any type suffers a breach, there is a series of actions that they must rapidly complete to address it. This can include things like handling the immediate security vulnerability, bolstering defenses, tracing the perpetrator, and notifying those potentially impacted, all of which comes under the heading of data breach solutions. Realistically, if an organization is careless or slow in handling any of the above, the incident can result in much further damage or even organizational failure in some cases. With a breach, there is, of course, the immediate detriment of data and fund loss, but there is also the potential for heavy reputation and customer trust damage, especially when an incident is not mitigated comprehensively. In most cases, an organization can make a smooth recovery from a data breach, but only when they place focus upon proper remediation. Massive Alliance offers extensive data breach solutions that can help organizations to come back from a cyber incident.

Massive's Media Division publishes timely news and insights based on current events, trends, and actionable cross-industry expertise.