A recent computer system breach at an Ontario crop inputs company resulted in the posting for sale of private information of farmers.
Parts of the Agromart Group’s computer system were breached and locked in late May by the Revil hacker group. Agromart refused to pay a ransom and the hackers then decided to auction off the data in the system to the highest bidder.
Why it matters: The Agromart hack shows that agriculture isn’t immune to malicious computer data thieves, as hacking activity increases during the pandemic.
“Hackers were asking for money to get our data back. The decision was made not to pay in according to our values and authorities’ recommendations,” said David Brand, Agromart’s general manager via email.
Brand says the data breach was contained to Agromart and didn’t affect any other connected businesses like its parent company Sollio.
He says Agromart was able to continue business operations, although they operated “manually” for a while and he expects “the situation will be back to normal shortly”.
Revil tried to sell the data on the dark web – a part of the internet not accessible by search engines and business is conducted anonymously.
Revil posted some examples from the data it stole, including a mostly redacted credit application from Eric Allaer’s farm in the south end of Lambton County. The Agromart breach was widely reported by cybersecurity blogs and publications that monitor hacking and the dark web and some of them posted some of the example documents. Putting up data for auction is a new tactic for groups like Revil, which is why it was covered by the cybersecurity press.
Brand says Agromart customers were contacted about the data breach and have been offered a year of monitoring of credit from Equifax at no cost. The company also created an Equifax hotline for customers with any questions.
Allaer says that he was contacted quickly by his local SouthWest Agromart. They met with him and signed him up for the year of Equifax monitoring.
This isn’t the first time Allaer has gone through a computer system attack. A scam email that looks like it came from a bank resulted in the theft of money from the farm.
“A substantial amount of money was taken out of one of our bank accounts. It opened our eyes,” he says.
Now, however, more of Allaer’s information is available to interested buyers.
“There’s always a fear that something could happen,” he said. “The fact that Southwest came forward right away said this is where we’re at with Equifax, they’re keeping an eye on it, the RCMP is involved in it and also a government ministry that deals with these things, so I kind of feel a comfort in all that.”
At the farm level, Allaer’s office staff is vigilant about any emails that are out of the ordinary and his bank has been informed.
While the Agromart data breach has been a challenge for the company, Brand says “We are extremely far from high-profile cases which happen, sadly, too often in Canada. The investigation is well advanced, and we are confident that the scope of the event is minor.”