Canopy Children’s Solutions, encompassing Mississippi Children’s Home Society, CARES Center Inc, and Mississippi Children’s Home Services Inc, encountered a ransomware attack in April, leading to the encryption of files on its systems. The incident, detected on April 4, 2023, prompted the engagement of third-party forensics experts to investigate its nature and scope. According to the data breach notice released on June 2, 2023, the attackers gained access to specific systems on the network, potentially acquiring certain files and folders. The ongoing investigation seeks to identify affected individuals and the types of data involved, with notification letters planned for distribution upon completion.
The Nokoyawa threat group has claimed responsibility for the ransomware attack on Canopy Children’s Solutions and added the organization to its data leak site. The group asserts that files are being prepared for publication and boasts of exfiltrating 150 gigabytes of data. The breach has been reported to the HHS’ Office for Civil Rights, with a placeholder of 501 individuals until the full extent of the data breach is determined. Canopy Children’s Solutions is actively reviewing its data privacy and security policies and procedures, implementing additional safeguards to prevent future attacks.
The attack on Canopy Children’s Solutions highlights the persistent threat of ransomware, with the Nokoyawa group aiming to leverage stolen data for publication. The ongoing investigation is crucial for understanding the impact on affected individuals and the potential compromise of sensitive information. The organization’s commitment to reviewing and enhancing data privacy measures reflects the broader challenge organizations face in securing their systems against increasingly sophisticated cyber threats.
