Mailing List Provider WordFly has been offline after ransomware attack
Image courtesy:WordFly/Facebook
On Wednesday, Mailing list provider WordFly has been offline for more than two weeks after ransomware encrypts data on some of its systems.
WordFly provides digital marketing for arts, culture, entertainment, and sports organizations, offering email and SMS marketing, forms, and surveys, among other options.
On July 10, the ransomware attack damages WordFly’s internal systems, and the company has failed to restore them since.
WordFly director Kirk Bentley said that the attack has distorted all of the company’s services, except for those running on external resources. Backup servers were also affected by the attack.
Bentley also reveals that the attackers were successful in accessing and exfiltrating data from the company’s servers. The data theft was found on July 14, and the threat actor allegedly deleted the stolen data the next day.
“It is our understanding that as of the evening of July 15, 2022, that data has been deleted from the bad actor’s possession. We have no evidence to suggest, before the bad actor deleted the data, that the data was leaked over the dark web and/or sent to any other public-facing domain/disseminated elsewhere,” WordFly said as per Security Week.
The exfiltrated data likely included names and email addresses, along with data that users imported into WordFly, which was collected in a form on WordFly, or which was transferred from TMS (the predecessor of WordFly).
The company says that the attackers have not exfiltrated credit card information or login details.
