Ransomware Attack on LARC Lansing Highlights Cybersecurity Risks for Non-Profits
Incident Date:
August 22, 2024
Overview
Title
Ransomware Attack on LARC Lansing Highlights Cybersecurity Risks for Non-Profits
Victim
LARC Lansing
Attacker
Inc Ransom
Location
First Reported
August 22, 2024
Ransomware Attack on LARC Lansing by INC Ransom Group
LARC Lansing, a not-for-profit organization dedicated to supporting individuals with intellectual and developmental disabilities, has recently fallen victim to a ransomware attack by the notorious INC Ransom group. This incident underscores the increasing vulnerability of community-focused entities to sophisticated cyber threats.
About LARC Lansing
LARC Lansing, officially known as the Lansing Area Rehabilitation Center, operates as a 501(c)(3) community-service entity. The organization is committed to empowering individuals with intellectual and developmental disabilities to lead self-directed lives and actively participate in their communities. LARC offers a range of services, including residential support, day programs, employment assistance, and respite care. With fewer than 50 employees and an annual revenue of less than $5 million, LARC is a modestly sized organization that plays a crucial role in its community.
Attack Overview
The ransomware group INC Ransom has claimed responsibility for the attack on LARC Lansing via their dark web leak site. The attackers allege that they have successfully exfiltrated sensitive data from the organization. This breach poses a significant risk to the personal information of the individuals LARC serves, potentially compromising their privacy and security.
About INC Ransom
INC Ransom is a highly sophisticated cybercriminal group known for its targeted ransomware attacks on various sectors, including healthcare, education, and government entities. The group employs advanced techniques such as spear-phishing campaigns and exploiting vulnerabilities like CVE-2023-3519 in Citrix NetScaler. Their modus operandi involves double extortion, where they not only encrypt data but also steal it, threatening to release it publicly to increase pressure on victims to comply with ransom demands.
Penetration and Vulnerabilities
While the specific details of how INC Ransom penetrated LARC Lansing's systems are not publicly disclosed, it is likely that the group used a combination of spear-phishing and exploiting known vulnerabilities. Community-focused organizations like LARC, which may have limited cybersecurity resources, are particularly vulnerable to such sophisticated attacks. The breach highlights the need for enhanced cybersecurity measures, even for smaller, non-profit entities.
Impact on LARC Lansing
The ransomware attack on LARC Lansing is a stark reminder of the growing threat landscape facing community-service organizations. The potential exposure of sensitive data could have far-reaching consequences for the individuals LARC supports, undermining their trust and the organization's mission. As LARC navigates the aftermath of this breach, the incident serves as a critical case study in the importance of cybersecurity preparedness for all organizations, regardless of size or sector.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.