TSO Indirectly Pwned In Ransomware Attack

If you are a patron of the Toronto Symphony Orchestra (TSO), I think you’d like to know that a company that the TSO hired has been pwned in a ransomware attack. The TSO posted a statement but let me hit the highlights:

On July 10, 2022, our email provider, WordFly, became aware of a network disruption that rendered their technology inaccessible. We have come to learn that WordFly was subject to a ransomware attack. As part of the incident, the attacker exported customers’ information from the WordFly environment, including patron information that WordFly was handling on behalf of the TSO. WordFly assures us that there is no evidence to suggest that the data was misused for any purpose by this attacker, nor made publicly available. Further, WordFly’s understanding is that the data has now been deleted from the attacker’s possession. If you wish to learn more, you can read WordFly’s statements on the incident, which are available on WordFly’s website. The TSO’s own systems were not impacted by this incident.

As for who and what was affected:

Your payment and financial data were not compromised in any way by this incident. Personal information potentially impacted includes your name, email address, TSO Patron ID and information about your TSO account (e.g. donor level, credit on account status, gift certificate status). It may also include personal information certain patrons have volunteered to the TSO when responding to a survey, such as demographic information (age range, gender, ethnicity) and opinions on the TSO.

Now that’s not trivial. The TSO then goes on to explain what they’re doing about it and steps that patrons can do to protect themselves. But this is an example of why you have to choose the companies who work with you carefully. Otherwise you can end up like the TSO. As for the email provider, they are still down and likely won’t be up anytime soon.

One Response to “TSO Indirectly Pwned In Ransomware Attack”

  1. […] This is similar the Toronto Symphony Orchestra ransomware hack from a couple of weeks ago. Which is that this was a supply chain […]

Leave a Reply

%d bloggers like this: