As disclosed to IAFC members January 25, our managed IT provider informed the IAFC January 17 that a ransomware campaign targeted a few of our servers, including one containing our membership database. After a thorough analysis of our systems by the FBI, the agency found no evidence that IAFC member data had been extracted or viewed.
The FBI will continue to keep our case active. Unless they uncover additional information, no further federal action is likely.
As a result of the cyberattack, the IAFC has fast-tracked the additional cybersecurity protections approved by the board of directors in December as part of the 2019 budget.