Ransomware Gang Targets Nonprofit Providing Clean Water to World’s Poorest
In a recent report by The Record website, it was revealed that on January 11th, the ransomware group Medusa listed Water for People, a nonprofit organization dedicated to providing clean drinking water to impoverished areas, on its dark web victim list.
Medusa demanded a ransom of $300,000 from the organization, threatening to publish the stolen information if not paid. A spokesperson for Water for People stated, “The stolen data is all from before 2021, our financial systems were not compromised, and there has been no impact on any business operations. We are working with a top-tier incident response company, as well as our insurance provider, and strengthening our systems with our security team to prevent similar incidents in the future.”
“While the recent cyberattack from the Medusa ransomware has not affected our work, it does reflect how even organizations like ours are becoming targets,” the spokesperson added. “We attempted to engage in negotiations in good faith, but with no result.”
With operations in 9 different countries, including Guatemala and Honduras in Latin America, Mozambique in Africa, and India in Asia, Water for People aims to improve the water conditions for over 200 million people in the next eight years. Prior to the ransom attack, the organization received a $15 million grant from MacKenzie Scott, the ex-wife of Amazon founder Jeff Bezos, who is now a billionaire philanthropist.
According to the latest analysis by Unit 42, this is not the first time Medusa has targeted organizations connected to water supply. Last year, an Italian company providing drinking water to nearly 500,000 people fell victim to the group’s attack.
Despite lacking financial security, with most relying on donations for operation, many organizations in the nonprofit and NGO sectors have not been spared from ransomware attacks in recent times.
Research data from Unit 42 indicates that the nonprofit sector, along with media, entertainment, and agriculture industries, regularly face attacks from Medusa. Security incident trend data from the UK’s data protection regulatory body shows that over 100 ransomware incidents have been reported by charitable organizations since 2020. In September of last year, Save the Children, an international humanitarian association, also fell victim to an attack.
The analysis by Unit 42 highlights that Medusa launches attacks indiscriminately, underscoring the fact that such ransomware groups have evolved into a significantly widespread threat.
Reference: Ransomware gang targets nonprofit providing clean water to world’s poorest