The National Rifle Association, defender of gun-loving maniacs everywhere, has confirmed that it did, in fact, get hacked by cybercriminals last year.
On Friday, the organization’s political action committee (PAC) submitted a filing to the Federal Election Commission confirming the attack. The PAC made the filing to the FEC in an effort to explain a recent financial discrepancy—it had failed to report thousands of dollars in donations to the government.
A ransomware gang calling itself “Grief” bragged to the digital underworld last October about compromising the gun lobby’s servers and stealing sensitive internal documents. It leaked screenshots of what it claimed were documents that had been stolen during the incident. At the time, the NRA did not confirm or deny that it had been hacked, issuing an evasive statement about how it “does not discuss matters related to physical or electronic security.” Now, however, the NRA has admitted that it got pwned. The hackers were telling the truth.
According to the filing, the ransomware attack hit the NRA on October 20, 2021, taking the entire organization offline. NRA employees did not regain full access to the internet, their email inboxes, or their networked files until the second week of November. Grief leaked additional documents that month, including bank account numbers and other “sensitive personal and financial information,” seemingly still waiting for the NRA to pay up.
The weapons promoter blames the confirmed cyberattack for the fact that it failed to report a slew of credit card contributions it received the same month as the incident. According to the filing, some $2,485.66 in contributions weren’t “processed correctly” into its donor base due to the fact that its network had been blitzed. The allegedly extremely corrupt organization has been accused of abusing the bankruptcy process to evade legal action, and the New York attorney general has sued to dissolve it entirely for alleged financial misconduct.