Fog ransomware admits Central Pennsylvania Food Bank hack

October 16, 2024

U.S. soldiers support operations at the Atlanta Community Food Bank in April 2020. Food banks are one of many nonprofit organizations threatened by cybercriminal activity. (U.S. Army National Guard photo by Major Charles W. Westrip. “File:Food bank support (49743030266).jpg” by Georgia National Guard from United States is licensed under CC BY 2.0)

Cybernews reports that the Central Pennsylvania Food Bank was claimed to have been compromised by the Fog ransomware operation.

More than 20 GB of accounting and human resources files and client agreements, which included Social Security numbers, passports, and driver's licenses, were exfiltrated from the humanitarian aid organization's systems, according to Fog ransomware, which did not post any data samples on its leak site. Central Pennsylvania Food Bank has yet to confirm the attack but the claim was denounced by cybersecurity expert Dominic Alvieri. "No one should be hungry and no one should breach those helping the needy," said Alvieri in a post on X, formerly Twitter. Such a development comes more than a month after the Fog ransomware gang was reported by Dark Trace to have mounted accelerated attacks that enabled file encryption only two hours upon initial network access. Organizations across the U.S., especially those in the education industry, were also primarily targeted by the group, according to an earlier Arctic Wolf study.