Ransomware Gang Targets Easterseals, A Nonprofit for Disabled Individuals

In a disturbing escalation of cybercrime, the Rhysida ransomware group has targeted Easterseals, a prominent nonprofit dedicated to supporting disabled individuals. The gang is demanding a staggering $1.3 million in ransom from the organisation, which provides vital services to disabled children, seniors, military veterans, and others in need.

Easterseals, one of the oldest disability-focused organisations in the United States, serves over 1.5 million people nationwide and allocates more than 80% of its fundraising to direct care. Although the nonprofit has not commented publicly on the attack, it has filed breach notification documents with regulators in Maine, revealing that it experienced a significant network disruption in April.

The notification letters indicate that on 1 April, Easterseals detected a cyberattack that compromised its systems. Following the breach, the organisation immediately severed network access and enlisted a specialised cybersecurity firm to secure its environment and conduct a thorough investigation. This probe uncovered unauthorised access to sensitive files, affecting 14,855 individuals whose personal information—including names, addresses, Social Security numbers, and medical details—was accessed.

In response to the breach, Easterseals is providing one year of identity protection services to those impacted and has implemented enhanced security measures, such as endpoint security software and multifactor authentication.

The Rhysida group has a notorious history of targeting healthcare organisations, having previously attacked facilities like The Ann & Robert H. Lurie Children’s Hospital of Chicago. In a chilling twist, they have now posted Easterseals on their leak site, demanding payment in bitcoin by 30 October. This incident highlights the increasing vulnerability of nonprofits and critical services in the face of relentless cyber threats.