MIP Targeted By Hackers

MIP, the storied financial software now owned by Community Brands, appears to be relaunching servers that have been hobbled since late last month as part of a ransomware attack.

The firm has declined to comment. It is not publicly known how many MIP Fund Accounting users were impacted and if it only impacted cloud servers.

The NonProfit Times has obtained four of the communications with users. It appears there was a ransomware attack on the morning of March 24. Little information is available on the situation with people close to the problem either declining to comment or not responding. A source told The NonProfit Times, “They are all working 18-hour days and exhausted but not saying anything.”

MIP told customers the firm is the process of bringing servers back online and restoring access to MIP and will be sending additional communications with more detail as they verify results of an assessment.

The firm is “hoping to be able to provide you with access to your data, which should be up to date as of March 24,” according to the communications with clients, but MIP Share might not be immediately available, nor will third-party integrations, according the communications.

On March 27, customers were informed that Community Brands and MIP were working with an external cyber forensics partner and thought that they were in the recovery phase. The firm told customers it did not appear that system data was exposed. Customers were told the firm was working through a process that included scanning data, setting up new environments, identifying who was impacted and retrieving backups.

The first to get back online will be those whose MIP data is not impacted. For those that were impacted, the firm is setting up a new, single-tenant cloud with the most recent available backup, according to the user communications.