Smithsonian Statement: WordFly Data Security Incident
Updated Aug. 2, 2022
We want to let you know about an incident that occurred at a company that we use to send email communications to our community about our programs and events. The company, WordFly, notified us on the evening of July 11th that they were experiencing a network disruption rendering their services inaccessible, which they later determined was due to a ransomware attack.
On Thursday July 14th, they notified us that some of their customer data, namely email addresses and names we upload to their service to send email communications, may have been impacted by this incident. On Friday July 15th, WordFly confirmed that, as part of the incident, data we maintain on their service was exported as part of the attack. WordFly shared with us that they worked with the attackers, and they believe the information has been deleted and there will be no further misuse of this information.
On July 22nd, we posted a notice to our website about this incident with the information we had available at that time.
On August 1st, WordFly sent us a notice that through their forensic investigation they were able to determine that only a subset of organizations had data impacted by the incident and confirmed the names and email addresses uploaded by the Smithsonian’s National Zoo and Conservation Biology Institute were exported. As WordFly has reported, they worked with the attackers and believe the exported information has been deleted.
We want to reassure you that we use this service to facilitate email communications and we do not store any information in the system that is financial or sensitive that could have been exposed by this incident. We will continue to monitor this situation and receive updates from WordFly and the forensic experts assisting them with this incident. If we learn any additional information about the information that was exported or have any reason to believe the data has not been deleted by the attackers, we will send an update to this notice.
WordFly has posted a statement and FAQs about the incident and has setup a website to provide status information on their efforts.
The Smithsonian is committed to protecting the privacy of all information you share with us and have programs in place to ensure the security of this information. We regret that this email information was exposed during the WordFly ransomware attack. WordFly believes the information was deleted, however we wanted to notify you of this incident since this is data you shared with us.