Ransomware Hits Central PA Food Bank by Notorious Fog Group

Incident Date: Oct 15, 2024

Attack Overview
VICTIM
Central Pennsylvania Food Bank
INDUSTRY
Organizations
LOCATION
USA
ATTACKER
Fog
FIRST REPORTED
October 15, 2024

Ransomware Attack on Central Pennsylvania Food Bank by Fog Group

The Central Pennsylvania Food Bank, a prominent nonprofit organization dedicated to alleviating hunger across 27 counties in central Pennsylvania, has reportedly fallen victim to a ransomware attack by the notorious Fog group. This organization, which serves approximately 135,000 individuals monthly, has been a critical resource for food distribution, especially during crises like the COVID-19 pandemic.

Overview of the Attack

The Fog ransomware group claims to have exfiltrated over 20 GB of sensitive data from the Central Pennsylvania Food Bank. The compromised data allegedly includes client agreements, accounting records, and human resources files, with personal identifiers such as Social Security numbers, passports, and driver's licenses at risk. Despite these claims, the food bank has not confirmed the attack, and its operations appear to continue without disruption. The attackers have highlighted the organization's significant revenue, suggesting the critical nature of the data at risk.

About the Central Pennsylvania Food Bank

Established over 35 years ago, the Central Pennsylvania Food Bank is the largest provider of charitable food in Pennsylvania. It operates two Healthy Food Hubs in Harrisburg and Williamsport, distributing food through over 1,130 partner agencies. The organization is recognized for its transparency and financial health, earning a 4-star rating from Charity Navigator. Its mission is to fight hunger, improve lives, and strengthen communities, with a goal to ensure access to nutritious food for everyone struggling with hunger in its service area by 2025.

Fog Ransomware Group

Fog ransomware, a variant of the STOP/DJVU family, is known for its disruptive attacks across various sectors, including education and healthcare. It typically encrypts files with extensions like .fog or .flocked and demands a ransom in Bitcoin. The group employs sophisticated techniques such as exploiting VPN vulnerabilities and using pass-the-hash attacks for privilege escalation. In recent developments, Fog has shifted its focus towards more lucrative targets, including the financial sector, indicating its evolution into a more prominent cybercrime organization.

Potential Vulnerabilities

The Central Pennsylvania Food Bank's extensive network and significant data holdings make it a lucrative target for ransomware groups like Fog. The organization's reliance on digital systems for managing partnerships and distributing resources could have been exploited through compromised VPN credentials or known application vulnerabilities. The attack underscores the importance of effective cybersecurity measures for nonprofit organizations handling sensitive data.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

1
2
3
Let's get started
1
1
2
3
1
1
2
2
3
Back
Next
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.