BleepingComputer reports that the American Radio Relay League has disclosed having the data of 150 of its employees exfiltrated following a ransomware attack against its computer systems in May.
Information compromised in the incident, including names and other personal data, has not been misused by attackers, said ARRL in a filing with the Office of Maine's Attorney General, which emphasized measures aimed at curtailing further data compromise while also offering two years of free identity monitoring to impacted individuals. No additional details were provided regarding the threat operation behind the incident, which ARRL described to be a "malicious international cyber group" in an update issued last month. While the attack has been attributed by sources to the Embargo ransomware gang — which had been behind the compromise of major Australian non-bank lending firm Firstmac Limited — ARRL has not yet been listed in the ransomware operation's leak site.