Toronto Symphony Sideswiped By WordFly Ransomware Attack

Share post:

One of Canada’s biggest orchestras is among North American organizations victimized by a ransomware attack earlier this month on WordFly, a digital communications and marketing platform used by arts, entertainment, culture and sports firms.

On Monday afternoon, the Toronto Symphony Orchestra — which uses WordFly as an email provider — notified subscribers by email of the July 10 incident because the attacker also exported customers’ information from the WordFly environment, including data WordFly was handling on behalf of the TSO. The TSO has temporarily switched email providers so its communications can continue.

The statement didn’t say how many subscribers might be involved, although it does say payment and financial data weren’t copied. Nor were the TSO’s IT systems involved.

“WordFly assures us that there is no evidence to suggest that the data was misused for any purpose by this attacker, nor made publicly available,” the message says.

“Further, WordFly’s understanding is that the data has now been deleted from the attacker’s possession.”

As of 5:30 p.m. Eastern on July 25, WordFly’s status website said its IT systems were still unavailable. A support page says that on July 14th it learned the “bad actor” responsible for the attack exported the email addresses and other data customers — like the TSO — use to communicate with their subscribers. “At this time, we believe that the exported data was not sensitive in nature and largely consisted of names and email addresses,” WordFly said. “It is our understanding that as of the evening of July 15, 2022, the data was deleted from the bad actor’s possession,” the statement added.

Other large cultural agencies impacted include the U.S.-based Smithsonian Institution, the Courtauld Institute of Arts and the Sydney Dance Company in Australia.

According to Arts Professional, U.K. institutions victimized include the Southbank Centre,  the Royal Shakespeare Company, the Royal Opera House and The Old Vic theatre.

The TSO urges subscribers to be careful handling emails, text messages, or phone calls asking for their personal information, and messages that include links or attachments — even messages coming from trusted individuals or companies.

“In particular, remain vigilant of any communication referencing your relationship with the TSO,” the advisory says. “The TSO will never ask you to provide payment, financial, or other sensitive information by email.”

It also reminds subscribers to check their credit and debit accounts for unauthorized charges and transactions.

Finally, it urges subscribers to use strong passwords for personal and financial accounts, and to avoid using the same passwords across various services.

The post Toronto Symphony sideswiped by WordFly ransomware attack first appeared on IT World Canada.

Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

SUBSCRIBE NOW

Related articles

YouTubers Targeted As Cyberattackers Hide Infostealers in YouTube Comments, Google Search Results

Attackers have found a new way to infect people seeking pirated or cracked software: planting malicious download links...

New macOS Malware Exploits Apple’s Security Features to Stay Hidden and Steal User Data

A newly discovered variant of the Banshee macOS Stealer malware is putting 100 million Apple users at risk...

Microsoft MFA Outage Blocks Access to Microsoft 365 Apps, Raising Cloud Reliability Concerns

Microsoft faced another significant service disruption over the weekend, with a Multi-Factor Authentication (MFA) outage that blocked users...

Cyber Attack Hits Key Dutch University, Raising Concerns for Chip Giant ASML

Eindhoven University of Technology, a critical partner for semiconductor giant ASML Holding NV, has been hit by a...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways