Posted on 01/04/2020 8:00:04 AM PST by DUMBGRUNT
An Arkansas-based telemarketing firm sent home more than 300 employees and told them to find new jobs after IT recovery efforts didn't go according to plan following a ransomware incident that took place at the start of October 2019.
"Unfortunately, approximately two months ago our Heritage servers were attacked by malicious software that basically 'held us hostage for ransom' and we were forced to pay the crooks to get the 'key' just to get our systems back up and running," wrote Sandra Franecke, the company's CEO, in the letter sent to employees.
(Excerpt) Read more at zdnet.com ...
Yep. You don’t find out the backups don’t work until you get hit.
I have an open folder on my machine on an external that contains mp3’s, open to the world. It gets ransomed in about 2 weeks.
Last year, the corrupt City of Baltimore got tagged for ransomware because they didn’t bother with a Microsoft patch. The hacker knew the city was bankrupt so they only asked for $70,000. The idiots in the city essentially shut down for 3 months and spent $10,000,000 so they didn’t have to pay $70,000.
These idiots were asking people to voluntarily come in and pay what they thought they owed on their water bills.
Probably not hackers. They invited the ransomware into the shop. That’s how it works. Someone fell for a phish.
I get medical brace scam calls all day every day. Occasionally another type of scam will sneak in but no matter how many times numbers are blocked the medical brace scams just keep coming.
“I feel for the employees but a telemarketing company biting the dust is no great loss and it reflects on the IT department.”
Just speculating, but it wouldn’t surprise me if they decided to ‘keep costs down’ when it came to IT security.
“I don’t give out my cellphone number unless absolutely necessary (financial institutions that require two factor authentication, etc). I absolutely don’t answer my cellphone any more. Almost every call is either a student loan refinance scam or an IRS scam. I’ll check voice mails once a week or so.”
I go a step further and give fake Social Security numbers to medical facilities, as they’re only needed to help out Collections. The rest of my information is real (maybe except phone numbers). Obviously I pay my bills, so there’s no reason for them to sorry about the SSN...so never any problems.
[[malicious software that basically ‘held us hostage for ransom’ ]]
huh? They don’t do backups? You can get FREE backup software like macrium reflect, that runs before windows even starts so you can get back to a safe point easy peasy- Run something like rollbackRX- do a system restore and ransom crap is gone-
[[I absolutely don’t answer my cellphone any more.]]
Why pay a monthly fee then?
“I have an open folder on my machine on an external that contains mp3’s, open to the world. It gets ransomed in about 2 weeks.”
You mean that external drive gets seen by an attacker and attacked every 2 weeks? If true, why does the attacker find your drive worth attacking. My personal machine has no protection and runs for years without a visible problem. By the way, I do file and image backups regularly to an external drive that’s not plugged in except for the few minutes when backing up.
Why can’t computers be protected from attackers? Why is it such a problem? Does it boil down to the attacker getting a password?
If I had to guess, the employees would base their argument on the company being negligent. It’s not that the company is obligated to provide jobs, but that ransomware is a known risk, and therefore can be mitigated. The company failed to take easily identifiable steps to ensure that it wasn’t incapacitated by such an attack. It then would fall to the company to prove that it had done due diligence and taken reasonable steps to prevent such an occurrence. If they can’t show that they took the proper steps, and that their recovery attempts failed due to issues beyond their control, then they might be on the hook for some kind of compensation to the employees.
OK, folks, make fun because a telemarketer . BUT, this is happening to many large companies and cities/county governments and it costs the taxpayers big time. One huge downsize is the court systems. Many crooks are let go simply because there is not access to data. This is a widespread problem.
At home 'off grid' copies ... great idea.
All IT folks are fungible anyway.
It’s on a network at the university. Probably a crawler gets it
Gentile reminder to the Freeper community:
- Back up your home systems. Automated back up to an inexpenseive terabyte drive is relatively easy to set up
- Update your anti virus / anti malware application and run to clean up your system
- Make sure you have a patched operating system
- perform your annual system maintenance (delete files no longer used, defrag your drive and registry)
> I get medical brace scam calls all day every day. <
Here’s a recording of a back brace scammer calling a confused old man. What the scammer doesn’t realize is that the “old man” is just a recording, set up to waste the scammer’s time.
The recording is fully automated. It is designed to say something plausible whenever the scammer asks a question. It’s quite effective. It’s also VERY entertaining, as the scammer gets more and more frustrated as time goes on.
I believe there is a way to transfer your scam calls to this recording.
And make sure you aren’t stupid and click on links and downloads.
Yes, your advise is good and will probably protect people from themselves.
I don’t get why people play stupid games with them. I don’t answer them even when they get through. My app stops most of them and the ones it doesn’t I go back and block. Why people still answer ‘unknown caller’ is beyond me.
An Arkansas-based telemarketing firm
Did the hackers spoof the phone number to gain access? Maybe turn about is fair play. No sympathy from me for telemarketing leaches.
I live literally around the corner from this company and had no idea this had occurred. To be fair, while I don’t know a lot about their business model, I do know they processed phone transactions for FTD. The term “telemarketing” might be a misleading in this context.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.