Dan Margulies reports on a breach that had the potential to cost lifes when a transplant network was temporarily locked out of its files:
Families of organ, eye and tissue donors are receiving letters this week from the Midwest Transplant Network informing them of a data breach affecting more than 17,000 individuals.
The breach, a malicious ransomware attack, occurred in February and locked Midwest Transplant Network out of its files for a brief period before it was able to regain access.
Read more on KCUR.
Did the network pay ransom to the unidentified attackers? I don’t recall ever seeing this entity on any dedicated leak site, and they wouldn’t answer the reporter’s question as to whether they had paid ransom. BUT: they said
Stoker said Midwest Transplant Network had no reason to believe the cyberattackers sold or otherwise distributed the data they obtained. But the network has, “out of an abundance of caution,” contracted with cybersecurity firm Kroll to address inquiries about the incident.
If they have no reason to believe… is it because they were given assurances because they paid? Could be but we do not know for sure.