Association falls victim to ransomware, pays $20,000 in cryptocurrency

Organization had difficulty handling the cyber incident


By Lyle Adriano

Two sources close to the matter have confirmed that the Federation of Sovereign Indigenous Nations (FSIN) has not only suffered from a data breach, but has also acquiesced to the hacker’s demands and paid a $20,000 ransom.

Anonymous insiders with direct knowledge of the attack revealed details to CBC News earlier this week, as delegates held elections to select a new chief and two vice-chiefs to lead the organization.

According to the tipsters, a hacker managed to gain control of FSIN’s internal files and email system, leaving the data inaccessible and holding it for ransom. Files taken in the attack include information on residential school survivors, youth athletes and their coaches, internal land claims, and more.

Even the social insurance numbers, treaty card numbers and health claims of staff and the executive were accessed by the attacker.

The cyberattack went undetected for an undetermined amount of time. But in May, an FSIN staff member received an email from the hacker, who demanded a ransom of over $100,000.

FSIN’s treasury board and its audit committee met to discuss the attack, tipsters said. Some members wanted to send an immediate notice to all those affected by the breach, and others even suggested that the police should be called.

The organization did not act on any of its action plans.

The board and committee also cautioned staff not to pay the hacker, saying that there is no guarantee that the hacker would even return the data. Quiet negotiations between the FSIN and the hacker continued in the days following the meeting.

However, someone within FSIN eventually authorized and paid the hacker over $20,000 worth of Bitcoin.

Insiders said that since the breach, FSIN has contracted a private computer security business. While the organization’s email system works, there is no guarantee that the hacker did not retain the data.

 

 
