A company responsible for operating privately-run prisons, as well as detention centers for illegal immigrants, has suffered a ransomware attack. The GEO Group, which operates secure facilities across the US and internationally, confirmed that sensitive information relating to inmates and residents was exposed during the incident.
Specifically, the ransomware attack involved personally identifiable information and health data relating to the South Bay Correctional and Rehabilitation Facility in Florida, a youth facility in Marienville, Pennsylvania and another facility in California that is now closed.
Employee data stored on two corporate servers was also compromised during the incident, which took place back in August.
“Upon discovery on August 19, 2020, GEO promptly launched an investigation, engaged industry-leading cybersecurity firms to respond to the incident, and notified its customers and law enforcement,” a company press release stated.
“GEO implemented several containment and remediation measures to address the incident, restore its systems and reinforce the security of its networks and information technology systems. The company recovered its critical operating data and, based on its assessment and on the information currently known and obtained through the investigation, the company does not believe the incident will have a material impact on its business, operations or financial results.”
Currently, it is not clear whether GEO managed to restore the compromised data by using backup solutions or if the ransom was paid to the cyberattackers. GEO did state that it is unaware of any misuse of information stemming from the incident.
Although the ransomware attack only affected a small proportion of GEO’s security facilities, the company is sending data breach notification letters to all affected individuals. Although the breach is unlikely to cause long-term financial damage to GEO, shares in the company did fall in the immediate aftermath of the disclosure.