Who: Delaware Guidance Services for Children and Youth

When: 13 Mar 2019

# of records involved: 50,000

What happened: Ransomware attack on Delaware Guidance Services for Children and Youth

How did it happen: The types of data in the files that were encrypted by the ransomware included names, addresses, birth dates, medical information, and Social Security numbers. All affected individuals have been offered 12 months of complimentary credit monitoring services through MyIDCare. The ransomware attack was reported to law enforcement and the Department of Health and Human Services’ Office for Civil Rights (OCR).

Outcome: After recovering files, DGS engaged an IT firm to conduct a forensic analysis to determine whether the attackers had gained access to sensitive information prior to encrypting files.DGS has not publicly disclosed how much was paid for the decryption keys to unlock the files on its data servers. After recovering files, DGS engaged an IT firm to conduct a forensic analysis to determine whether the attackers had gained access to sensitive information prior to encrypting files. The firm found no evidence to suggest that any protected health information had been compromised or stolen. The attack appeared to have been conducted solely for the purpose of extorting money from DGS.