Wisconsin Evangelical Lutheran Synod

On May 20, 2020, the Wisconsin Evangelical Lutheran Synod fell victim to a ransomware attack, compromising the personal data of 867 individuals, including 89 Washington residents. The breach exposed highly sensitive information such as names, dates of birth, financial account numbers, and Social Security Numbers (SSNs). This incident posed severe risks, including identity theft, financial fraud, and long-term reputational harm to the affected individuals. The attack targeted critical personal and financial data, indicating a deliberate effort to exploit confidential records for malicious purposes. The organization was required to notify regulatory authorities, including the Washington State Office of the Attorney General, highlighting the severity of the breach and its potential legal and compliance repercussions. The incident underscored vulnerabilities in the Synod’s cybersecurity defenses, raising concerns about data protection practices within religious and non-profit institutions.

Source: https://www.atg.wa.gov/data-breach-notifications | https://data.wa.gov/resource/sb4j-ca4h.json?id=10216

TPRM report: https://www.rankiteo.com/company/wels

"id": "wel150082025",
"linkid": "wels",
"type": "Ransomware",
"date": "2/2020",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"

{'affected_entities': [{'customers_affected': 867,
                        'industry': 'non-profit/religious',
                        'location': 'Wisconsin, USA',
                        'name': 'Wisconsin Evangelical Lutheran Synod',
                        'type': 'religious organization'}],
 'data_breach': {'number_of_records_exposed': 867,
                 'personally_identifiable_information': ['names',
                                                         'dates of birth',
                                                         'Social Security '
                                                         'Numbers'],
                 'sensitivity_of_data': 'high',
                 'type_of_data_compromised': ['personally identifiable '
                                              'information (PII)',
                                              'financial data']},
 'date_detected': '2020-05-20',
 'date_publicly_disclosed': '2020-08-10',
 'description': 'The Wisconsin Evangelical Lutheran Synod experienced a '
                'ransomware attack on May 20, 2020, affecting 867 individuals, '
                'including 89 Washington residents. The breached personal '
                'information may include names, dates of birth, financial '
                'account numbers, and Social Security Numbers.',
 'impact': {'data_compromised': ['names',
                                 'dates of birth',
                                 'financial account numbers',
                                 'Social Security Numbers'],
            'identity_theft_risk': 'high',
            'payment_information_risk': 'high'},
 'ransomware': {'data_encryption': True},
 'references': [{'date_accessed': '2020-08-10',
                 'source': 'Washington State Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': ['Washington State '
                                                        'Office of the '
                                                        'Attorney General']},
 'title': 'Ransomware Attack on Wisconsin Evangelical Lutheran Synod',
 'type': 'ransomware'}