The National Rifle Association (NRA) has confirmed it was the subject of a ransomware attack that took place last October, according to a report from Gizmodo†
In a filing with the Federal Election Commission (FEC), the organization’s political action committee (PAC), the NRA explains that the NRA experienced a ransomware attack on October 20, 2021, which left the “network offline for two weeks.” Since the NRA “didn’t have access to email or network files until the second week of November,” the NRA has not reported nearly $2,500 in donations, which was the reason for the submission.
Last year, a Russian cybercriminal group called Grief took credit for allegedly hacking into the NRA and posting what appeared to be stolen documents on the dark web. Grief, said to be linked to well-known Russia-based hacking group Evil Corp, threatened to release more documents if the payment threshold was not met.
There is no word on whether the NRA ever paid. The organization never publicly confirmed the attack at the time, and instead issued a statement on Twittersaying that it “does not discuss matters related to physical or electronic security” and that it “takes extraordinary measures to protect information”.
The NRA did not immediately respond to The edge‘s request for comment. It notes in the filing that it has “implemented additional cybersecurity measures to reduce the likelihood of recurrence.”