NRA confirms last year's ransomware attack

NRA confirms last year's ransomware attack

According to a report from Gizmodo, the National Rifle Association (NRA) has confirmed that it was the subject of a ransomware attack last October.

In a filing to the Federal Election Commission (FEC), the organization's Political Action Committee (PAC), the NRA experienced a ransomware attack on October 20th, 2021 that brought its "network offline for two weeks". Because the NRA "was not able to access email or network files until the second week of November," the NRA failed to report the donation of approximately $2,500, which was the reason for the filing.

Last year, a Russian cybercriminals group known as Gref allegedly took credit for hacking the NRA and posting stolen documents on the dark web. Grief, which is said to be linked to Russia's famed hacking group Evil Corp, threatened to release more documents if its payment limits were not met.

No word on whether the NRA ever paid. At the time the organization never publicly confirmed the attack, and instead issued a statement on Twitter, stating that it "does not discuss matters relating to its physical or electronic security," and that it "does not discuss information related to its physical or electronic security." takes extraordinary measures to protect the

The NRA did not immediately respond to The Verge's request for comment. It notes in the filing that it has "implemented additional cybersecurity measures to reduce the likelihood of a recurrence."