Ransomware attack hit Teamsters in 2019 — but they refused to pay
WASHINGTON — When the Teamsters were hit by a ransomware attack over Labor Day weekend in 2019, the hackers asked for a seven-figure payment.
But unlike many of the companies hit by high-profile ransomware attacks in recent months, the union declined to pay, despite the FBI's advice to do so, three sources familiar with the previously unreported cyberattack told NBC News.
"They locked down the entire system and said if we paid them they would give us the encryption code to unlock it," said one of the sources, all of whom spoke to NBC News on the condition of anonymity because they were not authorized to discuss the hack publicly.
Until now, the major labor union had managed to keep the hack out of the public eye for nearly two years. That points to a truth that cybersecurity experts say is lurking beneath the surface of recent high-profile attacks: An unknown number of companies and organizations have been extorted without ever saying a word about it publicly.
Communicating with Teamsters officials on the dark web through a site provided in the ransom note, the attackers demanded $2.5 million in exchange for restoring the union's access to electronic files. Personal information for the millions of active and retired members was never compromised, according to a Teamsters spokesperson, who also said that only one of the union's two email systems was frozen along with other data.
/cdn.vox-cdn.com/uploads/chorus_asset/file/25385324/vpavic_20240407_Untitled_Job_11415.jpg)
/cdn.vox-cdn.com/uploads/chorus_asset/file/24801728/Screenshot_2023_07_21_at_1.45.12_PM.jpeg)