[BreachExchange] Boyd Group Income Fund Reports Ransomware Cyber-Attack
Destry Winant
destry at riskbasedsecurity.com
Fri Jul 5 10:21:29 EDT 2019
https://www.newswire.ca/news-releases/boyd-group-income-fund-reports-ransomware-cyber-attack-837880181.html
Boyd Group Income Fund (TSX: BYD.UN) ("the Fund," "the Boyd Group" or
"Boyd") today announced that on June 27, 2019, it detected a
ransomware attack on a subset of its information technology systems.
Upon detection by internal systems, steps were immediately taken to
contain and mitigate any potential impact to Boyd's data and to
operations as well as to start the recovery process.
At present, there is no evidence that customers' or employees'
information was compromised as a result of this attack although
cybersecurity experts are continuing to conduct and conclude a
forensic analysis to confirm this fact as quickly as possible. Should
findings dictate, Boyd will immediately take appropriate steps to
notify impacted parties. It should be noted that most customer
personal information is stored in cloud-based applications and not in
Boyd's systems. Any customer personal information stored in Boyd's
systems is limited in nature. Independent cybersecurity firms have
been brought in to help Boyd understand the full extent of the attack,
including conducting a comprehensive forensic review.
"We are taking this attack very seriously", said Brock Bulbuck, CEO of
the Fund. "The integrity of our data and the security of our systems
is paramount. Our team, backed up by independent industry specialists,
have been working around the clock to minimize the impact on our
valued customers, employees and operations. Unfortunately, no
organization can guarantee that it won't suffer a cyber-attack.
However, the Boyd Group is committed to ensuring that it has the
appropriate controls in place to quickly identify and recover from
such an attack."
Having detected the attack, Boyd immediately implemented
countermeasures to prevent further infection, in accordance with
established company policies. Additionally, back-up and recovery plans
were put into action, and are working effectively to get all systems
back to full functionality as quickly as possible and within normal
time frames for these types of events. Boyd has also reported the
attack to law enforcement agencies.
While most of Boyd's locations have been able to continue to process
and complete repairs at normal or near normal levels, this event and
the recovery period will result in a temporary interruption of some
business that will result in the loss of some sales. The full extent
of the impact on sales and earnings cannot be determined until all
operations have been fully recovered, however, at this time based on
current information and analysis, the overall financial impact is
expected to be minimal. Boyd has notified its insurance carrier of
this potential loss to maximize recoveries.
"While this has been a disruptive event that will have some short-term
impact on our sales and earnings, our business model and strategy
remains solid and unaffected. Boyd is committed to utilizing all
available means to protect its operations and its customers'
information,'' added Bulbuck. "We will continue to work with
cybersecurity specialists to turn back unauthorized activity in this
age of highly sophisticated threats to information systems."
More information about the BreachExchange
mailing list