While this investigation is ongoing, on November 27, 2017, NCPC determined that unauthorized access to a database server occurred on October 21, 2017, and that unauthorized access to the data stored on that server cannot be ruled out. The possibly affected database contains information provided during calls made to or from the center between January 1997 and October 21, 2017.
NCPC takes the security of information stored on our systems very seriously, and we understand this incident may cause concern or inconvenience. We continue to work with third-party forensic investigators to ensure the security of our systems, and encourage people to contact us at 877-218-3009 (U.S. and Canada callers) or 814-201-3664 (international callers) with any questions or concerns.The NCPC currently lacks complete contact information for at least some of the records in the affected database. As a result, it's posting the ransomware notice on its homepage (poison.org) along with the websites of state media outlets and publications. It's also urging those who might be affected to place a fraud alert or credit freeze on their credit reports with TransUnion, Experian, Equifax, and Innovis. In the meantime, organizations can protect themselves against ransomware attacks by implementing foundational security measures that, among other things, protect data via encryption, limit what individuals can access sensitive information, and ensure an organization can recover from a data corruption incident using data backups. Learn more about these controls and how they pair with Tripwire's solutions here. News of this attack follows less than three months after Arkansas Oral & Facial Surgery Center notified 128,000 patients of a ransomware attack that might have exposed their information.