Kanuga Conference Center

On January 19, 2022, Kanuga Conference Center fell victim to a ransomware attack, compromising the personal data of 1,971 individuals, including one Maine resident. The exposed information included first and last names and Social Security numbers, though no evidence of identity theft or financial fraud was reported. The incident was disclosed by the Maine Office of the Attorney General on March 4, 2022. While the attack did not result in confirmed misuse of the stolen data, the exposure of sensitive personally identifiable information (PII) particularly Social Security numbers poses a significant long-term risk for affected individuals, including potential identity theft, phishing, or fraudulent activity. The organization likely faced operational disruptions, reputational damage, and regulatory scrutiny due to the breach. The lack of confirmed fraud does not mitigate the severity, as the unauthorized access to highly sensitive data alone constitutes a major security failure with lasting consequences for both the company and the impacted individuals.

Source: https://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/1c9a462f-7001-4988-8f1a-80b5740614f5.shtml

TPRM report: https://www.rankiteo.com/company/kanuga

"id": "kan039090625",
"linkid": "kanuga",
"type": "Ransomware",
"date": "1/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"

{'affected_entities': [{'customers_affected': 1971,
                        'industry': 'conference/retreat center',
                        'name': 'Kanuga Conference Center',
                        'type': 'non-profit organization'}],
 'data_breach': {'number_of_records_exposed': 1971,
                 'personally_identifiable_information': ['first names',
                                                         'last names',
                                                         'Social Security '
                                                         'numbers'],
                 'sensitivity_of_data': 'high (includes Social Security '
                                        'numbers)',
                 'type_of_data_compromised': ['personally identifiable '
                                              'information (PII)']},
 'date_detected': '2022-01-19',
 'date_publicly_disclosed': '2022-03-04',
 'description': 'The Maine Office of the Attorney General reported that Kanuga '
                'Conference Center experienced a ransomware attack on January '
                '19, 2022, affecting a total of 1,971 individuals, including 1 '
                'Maine resident. The breach potentially exposed personal '
                'information, specifically first and last names and Social '
                'Security numbers, though there is no evidence of identity '
                'theft or financial fraud.',
 'impact': {'data_compromised': ['first names',
                                 'last names',
                                 'Social Security numbers'],
            'identity_theft_risk': 'no evidence of identity theft or financial '
                                   'fraud'},
 'references': [{'date_accessed': '2022-03-04',
                 'source': 'Maine Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': ['Maine Office of the '
                                                        'Attorney General']},
 'title': 'Kanuga Conference Center Ransomware Attack',
 'type': 'ransomware'}