CLEVELAND, Ohio — The Cleveland Museum of Art on Thursday notified email subscribers that its service may have been compromised by a ransomware attack on its external email distribution provider, WordFly.
The museum said in a written statement that it received notification at 9 a.m. on Friday, July 15, that “electronic email subscriber data could potentially have been compromised due to a ransomware attack.’’
The museum’s statement said that the breach involved data “limited to names, email addresses, and membership IDs, levels, and expiration dates where applicable.’’ The statement said that no sensitive personal information, such as credit card numbers, was involved.
The museum did not respond to a query from cleveland.com and The Plain Dealer about how many people may have been affected.
The museum’s statement said its cybersecurity team has followed its protocols and has verified that “no additional data has been compromised and that there has been no suspicious activity on our systems.’’ The museum said it has deactivated all WordFly-related access to its systems.
A statement posted on the WordFly website said that as of Friday morning July 29, “all systems are currently down.”
Another statement on the website described a network disruption “propagated by a bad actor’’ that had occurred on July 10, rendering its computer system inaccessible, and that as of July 14, the attacker had exported email addresses and other customer data.
The museum’s statement said that “at this time, we are not aware of the data being publicly distributed and/or misused.’’ It said it was releasing the alert “out of an abundance of transparency and because your privacy is important to us.”
The museum advised subscribers that “you should always be vigilant against suspicious emails that could be ‘phishing’ attempts.” It provided information about how to recognize potential phishing attempts at the website cybertalk.org.