HomeRisk ManagementsToronto Zoo data stolen by ransomware attackers after snatching decades worth of...

Toronto Zoo data stolen by ransomware attackers after snatching decades worth of visitor records

Published on

spot_img

The Toronto Zoo recently provided its final update on the cyberattack that occurred in January 2024, revealing that visitor data dating back to 2000 had been compromised. In a detailed report, the zoo disclosed that personal information of individuals who purchased general admission tickets or zoo memberships between 2000 and April 2023 was stolen by ransomware attackers during the digital heist.

The stolen data included first and last names, home addresses, phone numbers, and email addresses, with credit card details such as the last four digits and expiration dates also being lifted for those who made transactions between January 2022 and April 2023. The zoo urged all affected individuals, as well as its guests and members, to remain vigilant against phishing and online fraud and to monitor their financial account statements regularly.

The Toronto Zoo reported the cyberattack to the Office of the Information and Privacy Commissioner of Ontario (IPC), which initiated an investigation into the matter. The IPC advised that affected individuals did not need to file separate complaints as they were already looking into the issue. With approximately 1.2 million visitors annually and 35,000 households participating in its membership program, the zoo emphasized the importance of data security in light of the breach.

In addition to visitor and member data being compromised, the zoo revealed that personal details of all current and former staff members dating back to 1989 were also accessed by the cybercriminals. Each affected individual was notified and offered credit monitoring services as a gesture of apology for the breach.

Although the zoo did not explicitly mention the term “ransomware” in its final update, it acknowledged that the cyberattack was orchestrated by the ransomware group known as Akira. Despite ongoing efforts to secure its IT infrastructure and collaboration with the City of Toronto’s Chief Information Security Office, Akira still claims to possess the zoo’s data containing sensitive information about animals, research, and personal files.

Akira gained notoriety in 2023 for targeting high-profile entities like Lush, Tietoevry, Stanford University, and Nissan Australia. Experts warned of Akira’s rising threat level in the ransomware landscape following the decline of previous dominant players like BlackCat and LockBit.

The Toronto Zoo expressed regret over the data breach and emphasized the measures taken to enhance its network defenses and detection capabilities to prevent future cyber incidents. Despite the challenges faced by employees and the loss of valuable wildlife conservation research, the zoo reassured its supporters of its commitment to maintaining data security and expressed gratitude for their ongoing support throughout the ordeal.

As the zoo continues to navigate the aftermath of the cyberattack, it remains focused on strengthening its cybersecurity measures to safeguard visitor, member, and staff data from potential threats in the future.

Source link

Latest articles

Cynomi’s Focus on Autonomous AI Agents for Security Teams

CEO David Primor Discusses the Impact of AI on Engineering Productivity Cynomi, a promising player...

Forescout Discovers AI-Powered Phishing Campaign Featuring Fake eCards

Emerging Threats: The Sophisticated SeasonalInvite Phishing Campaign Exposed by Forescout In an eye-opening revelation, new...

Microsoft Addresses 570 CVEs in Historic Patch Tuesday

Microsoft Releases Unprecedented Number of Security Updates In a significant move, Microsoft has announced the...

Malware Attacks Japan’s Leading Taxi Company Nihon Kotsu

Japan's leading taxi service provider, Nihon Kotsu, recently faced a significant cybersecurity incident that...

More like this

Cynomi’s Focus on Autonomous AI Agents for Security Teams

CEO David Primor Discusses the Impact of AI on Engineering Productivity Cynomi, a promising player...

Forescout Discovers AI-Powered Phishing Campaign Featuring Fake eCards

Emerging Threats: The Sophisticated SeasonalInvite Phishing Campaign Exposed by Forescout In an eye-opening revelation, new...

Microsoft Addresses 570 CVEs in Historic Patch Tuesday

Microsoft Releases Unprecedented Number of Security Updates In a significant move, Microsoft has announced the...