Cyberattacks hit religious organizations

South Carolina-based Relentless Church and Catholic publishing firm Our Sunday Visitor have been claimed to be compromised in separate cyberattacks during the weekend, reports The Record, a news site by cybersecurity firm Recorded Future. The LockBit ransomware operation on April 29 admitted to having attacked Relentless Church, which facilitated the theft of employee data, including financial details and passports. Relentless Church, which has over 15,000 members and more than 100,000 online viewers for streamed services, has not confirmed the intrusion. Meanwhile, Our Sunday Visitor was claimed to be hacked by the Karakurt data extortion gang on April 30, resulting in the exfiltration of 130 GB of data, including employee information, accounting files, HR documents, invoices, marketing details, and financial contracts. Suspicious network activity has been recently discovered by Our Sunday Visitor, with immediate action done to secure its systems, according to Jim Weigert, the publishing company's chief marketing officer. While religious organizations are an unusual target for threat actors, rules preventing attacks against such entities are unlikely among ransomware gangs or hackers, noted Emsisoft ransomware expert Brett Callow. Meanwhile, limited financial benefit has been cited by Recorded Future's Allan Liska behind the lack of cyberattacks against churches.