back to article Culture shock: Ransomware gang sacks arts orgs' email lists

A ransomware gang has not only taken down WordFly, a mailing list provider for top arts organizations among others, but also siphoned data belonging to the US-based Smithsonian, Canada's Toronto Symphony Orchestra, and the Courtauld Institute of Art in London. As of right now, WordFly's main website is unavailable, and has …

  1. innominatus

    Naïve art?

    Hmmm - surely only arts people could say "the exported data was not sensitive in nature and largely consisted of names and email addresses" and believe it.

    Perhaps some high profile arts patrons will be receiving phishing emails very shortly?

  2. VoiceOfTruth Silver badge

    Ha ha

    -> the "situation has been contained,"

    Pulling the plug would do the same.

    -> bumf

    Very pleased to see this word in an article. It gives me a warm feeling, a bit like mufti.

    More should be made in this article about how data is passed to third parties, such as WordFly, who are usually termed "trusted parties" when you sign up for various mailing lists. I bet more than 99% of people who signed up on the Courtauld web site have never heard of WordFly, and yet here is WordFly with their email address.

    1. Doctor Syntax Silver badge

      Re: Ha ha

      If I get spam from someone I've dealt with previously, check its route & find it came from Mailchimp* and complain that PII has been passed on to a third party without my permission the response is usually mystification. They don't even realise that that's what they did.

      * Other "trusted third parties" are available.

  3. Pascal Monett Silver badge

    "WordFly believes"

    Nice to hear.

    What would be even nicer would be to read a technical forensic report that demonstrates Wordfly's beliefs are justified.

    But I doubt they have the expertise to do that, or the money to hire an expert to do it, or the will to go through the expense.

    WordFly is a mass-mailing system. Probably maintained by one guy, remotely.

    He's not going to waste his time on this and he doesn't have the necessary experience to handle it. Plus he probably has no clue as to what needs to be done to avoid a repeat of this issue.

    He'll just continue business as usual, and keep pocketing whatever he can bill.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like