© 2024 CoolTechZone - Latest tech news,
product reviews, and analyses.

ARRL confirms data breach by unknown threat actor


The American Radio Relay League (ARRL), the National Association for Amateur Radio, has disclosed that ‘an unauthorized third-party’ stole personal information of some of its employees.

In a data breach notification addressed to the Office of the Maine Attorney General, the ARRL wrote that it detected and stopped ‘a sophisticated ransomware incident’. On or around May 14 an attacker accessed and encrypted ARRL’s computer systems.

“We immediately took the affected systems offline, secured our network environment and engaged independent third-party forensic specialists to assist us with investigating the extent of any unauthorized activity,” the organization states.

The attacker may possibly have stolen private information of some of its employees, including names, addresses and social security numbers. As of writing there’s no evidence of any abuse of employee data.

The ARRL estimates that 150 staff members have been affected by the incident. The club for radio amateurs says it has taken ‘all reasonable steps’ to minimize the impact of the data breach and that it’s working with federal law enforcement to investigate the matter.

To tighten the security of ARRL’s computer systems, the company has implemented additional safety measures. It also called upon external forensic experts the investigate the incident.

Lastly, the ARRL encourages affected victims to check whether their personal information is being misused to commit identity theft or financial fraud. If so, they should contact the office of the Attorney General or the Federal Trade Commission (FTC).

The ARRL doesn’t want to say who’s responsible for the data breach. Sources familiar with the case tell BleepingComputer the Embargo ransomware operation is behind the attack. The tech site points out that ARRL hasn’t been added to the hacking group’s victim list on the dark web.


Leave a Reply

Your email address will not be published. Required fields are marked