Ransomware recovery underway at National Gallery of Canada

Ransomware recovery efforts are ongoing at the National Gallery of Canada, which is one of North America's largest museums, following an attack on April 23, which has prompted an IT system shutdown, according to The Record, a news site by cybersecurity firm Recorded Future. Some operational data has been compromised but no customer data and payment systems have been impacted in the ransomware attack, which has not yet been claimed by any threat operation. While the incident has not halted the gallery's operations, remote working has been adopted for many of its employees amid continued server restoration. "Our core focus was on protecting personal or sensitive information and the safe operation of the gallery. ... We remain diligent in working swiftly toward a full recovery," said National Gallery of Canada Interim Director and CEO Angela Cassie. Such an attack comes amid the increased ransomware targeting of arts organizations, with the Metropolitan Opera compromised last December and various museums and orchestras impacted by the widespread WordFly attack last July.