In April 2024, the Atlantic States Marine Fisheries Commission (ASMFC) fell victim to a ransomware attack executed by the 8Base ransomware group. The attackers successfully breached ASMFC’s systems, exfiltrating invoices and personal information before encrypting critical infrastructure. The group demanded a ransom in exchange for not publicly releasing the stolen data, while the attack disabled ASMFC’s email system, forcing the organization to establish temporary communication channels to maintain operations.The incident underscores the growing threat posed by ransomware groups like 8Base, which frequently target smaller government and maritime organizations with weaker cybersecurity defenses. While the full scope of the compromised personal data remains undisclosed, the breach disrupted administrative functions and exposed sensitive financial and personal records. The attack highlights vulnerabilities in public-sector cybersecurity, particularly in agencies managing environmentally critical operations like marine fisheries. The financial and reputational damage, combined with operational disruptions, positions this as a severe cybersecurity failure with broader implications for trust in governmental data protection.
TPRM report: https://www.rankiteo.com/company/asmfc-us
"id": "asm523092125",
"linkid": "asmfc-us",
"type": "Ransomware",
"date": "4/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"{'affected_entities': [{'industry': 'maritime/fisheries regulation',
'location': 'United States',
'name': 'Atlantic States Marine Fisheries Commission '
'(ASMFC)',
'type': 'government agency'}],
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': True,
'sensitivity_of_data': 'moderate to high (personal '
'information included)',
'type_of_data_compromised': ['invoices',
'personal information']},
'date_detected': '2024-04',
'date_publicly_disclosed': '2024-04',
'description': 'In April 2024, the Atlantic States Marine Fisheries '
'Commission (ASMFC) confirmed a cyber incident following a '
'breach claimed by the 8Base ransomware group. Attackers '
'reportedly stole invoices and personal information, demanding '
'ransom in exchange for not releasing the data. Due to the '
"breach, the ASMFC's email system went down, prompting them to "
'create temporary communication channels. 8Base, known for '
'targeting smaller organizations, added the ASMFC to its '
'growing list of victims, further highlighting the need for '
'enhanced cybersecurity in government and maritime '
'organizations.',
'impact': {'data_compromised': ['invoices', 'personal information'],
'downtime': True,
'identity_theft_risk': 'potential (personal information stolen)',
'operational_impact': 'temporary communication channels '
'established due to email system outage',
'systems_affected': ['email system']},
'motivation': 'financial (ransom)',
'ransomware': {'data_exfiltration': True,
'ransom_demanded': True,
'ransomware_strain': '8Base'},
'recommendations': 'enhanced cybersecurity measures for government and '
'maritime organizations',
'response': {'recovery_measures': 'temporary communication channels '
'established'},
'threat_actor': '8Base',
'title': 'Atlantic States Marine Fisheries Commission (ASMFC) Ransomware '
'Attack by 8Base',
'type': ['ransomware', 'data breach']}