US illegal immigration detention center operator hit by ransomware attack

(Image credit: Shutterstock)

A company responsible for operating privately-run prisons, as well as detention centers for illegal immigrants, has suffered a ransomware attack. The GEO Group, which operates secure facilities across the US and internationally, confirmed that sensitive information relating to inmates and residents was exposed during the incident.

Specifically, the ransomware attack involved personally identifiable information and health data relating to the South Bay Correctional and Rehabilitation Facility in Florida, a youth facility in Marienville, Pennsylvania and another facility in California that is now closed.

Employee data stored on two corporate servers was also compromised during the incident, which took place back in August.

The best ransomware protection tools available today
Protect your business with the best antivirus tools
We've also highlighted the best endpoint protection software

“Upon discovery on August 19, 2020, GEO promptly launched an investigation, engaged industry-leading cybersecurity firms to respond to the incident, and notified its customers and law enforcement,” a company press release stated.

“GEO implemented several containment and remediation measures to address the incident, restore its systems and reinforce the security of its networks and information technology systems. The company recovered its critical operating data and, based on its assessment and on the information currently known and obtained through the investigation, the company does not believe the incident will have a material impact on its business, operations or financial results.”

Prison break

Currently, it is not clear whether GEO managed to restore the compromised data by using backup solutions or if the ransom was paid to the cyberattackers. GEO did state that it is unaware of any misuse of information stemming from the incident.

Although the ransomware attack only affected a small proportion of GEO’s security facilities, the company is sending data breach notification letters to all affected individuals. Although the breach is unlikely to cause long-term financial damage to GEO, shares in the company did fall in the immediate aftermath of the disclosure.

Also check out our list of the best malware removal tools on the market

Via ZDNet

TOPICS

Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services. After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.