AFTS (or Automatic Funds Transfer Services) is a payment processing platform specializing in secure money transfers and address verification. Many government agencies across the U.S. rely on this payment processor for billing and verifying customers.
Because AFTS handles confidential data (like home addresses and credit card information), the repercussions of a cyber attack could be serious and widespread. In early 2021, AFTS became a victim of a ransomware attack.
Details of the AFTS breach in 2021
A cybercriminal group called “Cuba ransomware” stole a vast amount of unencrypted data from AFTS and implanted ransomware in the platform’s systems. This caused significant disruptions, taking down the entire website. The hackers requested a ransom payment in exchange for the stolen information. According to the group’s dedicated leaks site, the taken files included “financial documents, correspondence with bank employees, account movements, balance sheets, and tax documents.” The leaks site also stated that the ransom demand had been “paid.”
Impact on other agencies
- The California Department of Motor Vehicles (DMV) used AFTS to verify address changes with the national database. The Cuba group accessed 20 months’ worth of California vehicle registration data. That included names, addresses, license plate numbers, and vehicle identification numbers.
- The Lakewood Water District in Washington said the breach may have exposed names, addresses, water bill account numbers, and billing amounts.
- The city of Redmond, Washington, warned that its utility customers’ names and addresses could have been compromised as well.