A company responsible for operating privately-run prisons, as well as detention centers for illegal immigrants, has suffered a ransomware attack. The GEO Group (opens in new tab), which operates secure facilities across the US and internationally, confirmed that sensitive information relating to inmates and residents was exposed during the incident.
Specifically, the ransomware attack involved personally identifiable information and health data relating to the South Bay Correctional and Rehabilitation Facility in Florida, a youth facility in Marienville, Pennsylvania and another facility in California that is now closed.
Employee data stored on two corporate servers was also compromised during the incident, which took place back in August.
- The best ransomware protection tools (opens in new tab) available today
- Protect your business with the best antivirus tools (opens in new tab)
- We've also highlighted the best endpoint protection (opens in new tab) software
“Upon discovery on August 19, 2020, GEO promptly launched an investigation, engaged industry-leading cybersecurity firms to respond to the incident, and notified its customers and law enforcement,” a company press release (opens in new tab) stated.
“GEO implemented several containment and remediation measures to address the incident, restore its systems and reinforce the security of its networks and information technology systems. The company recovered its critical operating data and, based on its assessment and on the information currently known and obtained through the investigation, the company does not believe the incident will have a material impact on its business, operations or financial results.”
Currently, it is not clear whether GEO managed to restore the compromised data by using backup solutions or if the ransom was paid to the cyberattackers. GEO did state that it is unaware of any misuse of information stemming from the incident.
Although the ransomware attack only affected a small proportion of GEO’s security facilities, the company is sending data breach notification letters to all affected individuals. Although the breach is unlikely to cause long-term financial damage to GEO, shares in the company did fall in the immediate aftermath of the disclosure.
- Also check out our list of the best malware removal (opens in new tab) tools on the market
Via ZDNet (opens in new tab)