Donor Network of Arizona (DNA), an Arizona non-profit organization and federally designated organ procurement organization, was recently the victim of a criminal ransomware attack. This notice is intended to describe the attack and DNA’s response and to provide additional information for potentially affected individuals.
In the early morning hours of October 15, 2021, DNA discovered an ongoing ransomware attack. DNA’s information-technology personnel expelled the attackers from DNA’s systems, but the attackers were successful in encrypting many of DNA’s servers.
Despite the encryption of those servers, DNA’s mission-critical systems remained functional at all times, and the Arizona donor registry was not affected. DNA was therefore able to continue its life-saving work on behalf of organ donors and recipients. With the help of cybersecurity experts retained by the company, DNA was able to restore its affected systems within weeks of the attack and mitigate the risk of future attacks.
DNA promptly informed the FBI of the attack and retained cybersecurity experts to investigate. The investigation revealed that the attackers likely infiltrated DNA’s systems for only a short time but may have been able to exfiltrate certain files from the affected servers before encrypting them.
What Information Was Involved
DNA undertook a managed review of the potentially exfiltrated files and ultimately determined that some of those files contained the following categories of personal information:
- First name or first initial and last name, in combination with one or more of the following specified data elements:
  - Social Security number.
  - Driver’s license number or nonoperating identification license number.
  - Unique private key used to authenticate or sign an electronic record.
  - Financial account number or credit or debit card number in combination with a required security code, access code, or password.
  - Health insurance identification number.
  - Information about medical or mental health treatment or diagnosis by a health care professional.
- Username or e-mail address, in combination with a password or security question and answer.
In fewer than 10 instances, the potentially exfiltrated files included an individual’s passport number or an individual’s personal identification number issued by the IRS.
What Potentially Affected Individuals Can Do
At this time, DNA is not aware of any fraud or misuse of any personal information as a result of this incident. However, individuals can find information and resources regarding identity theft, published by the U.S. Federal Trade Commission (FTC), at: https://www.identitytheft.gov/ or https://consumer.ftc.gov/features/identity-theft. The FTC may also be contacted by mail or phone at:
Federal Trade Commission
600 Pennsylvania Avenue, NW
Washington, DC 20580
Telephone: (202) 326-2222
Toll-Free: 1-877-FTC-HELP (1-877-382-4357)
Individuals may also contact the three largest nationwide consumer reporting agencies as follows:
The security of personal information is important to DNA, and we sincerely regret that this incident occurred.
Additional information about the incident can be obtained by phone (toll-free) at 855-503-2951.
Again, DNA is not aware of any fraud or misuse of any personal information as a result of this incident. In addition, please note that the DonateLifeAZ Registry was not impacted. Nonetheless, we sincerely regret the incident and continue to review our policies and practices to ensure that appropriate protections are in place to prevent or mitigate future attacks.
DNA’s commitment to Arizonans is to be constantly vigilant about the integrity of our work in donation. We work around the clock throughout the year with thousands of families at a difficult time in their lives to provide a tremendous gift to someone who is waiting for a new or renewed life. We take very seriously our responsibility to our employees, donors, their families and transplant recipients as well as our future ability to both save and improve lives.