SALT LAKE CITY, Utah (KSTU) — The Church of Jesus Christ of Latter-day Saints announced a cyberattack that was able to access the personal data of church members, employees and others.

In a news release Thursday, church officials said the attack occurred in late March, but did not access donation history or banking information.

According to the church, law enforcement authorities believe there is a low possibility of the data breached during the attack could be used to harm individuals.

The church says it's working with federal authorities and third-party cybersecurity experts to determine the scope of the incident and "to mitigate possible impacts."

The attack was not announced until months later at the request of law enforcement.

Those impacted by the breach will be notified by church officials. Church members are being told to "remain vigilant" over their personal accounts and to change passwords.

This story was originally reported by Jeff Tavss on fox13now.com.

The Red Cross says it was the victim of a sophisticated cyber security attack.

The organization says the attack, which was detected this week, compromised the personal data and confidential information of more than 515,000 "highly vulnerable people."

Those people include families separated due to conflict, migration and disaster, the organization says. Information about missing persons and people in detention was also jeopardized, according to the Red Cross.

"We are all appalled and perplexed that this humanitarian information would be targeted and compromised," said Robert Mardini, International Committee of the Red Cross' director-general. "This cyber-attack puts vulnerable people, those already in need of humanitarian services, at further risk."

The organization says it doesn't know who carried out the attack, which targeted a company in Switzerland that is contracted to store data for the Red Cross.

Mardini is asking the cybercriminals to spare the vulnerable people whose information was compromised.

"Please do the right thing. Do not share, sell, leak or otherwise use this data," he said.

He added that the Red Cross is working to understand the scope of the attack and take actions to protect against future security breaches.

BRIGHTON, Colo. — Cyberattacks are becoming more common and more disruptive to our daily life, and many experts worry the nation’s food supply is the next big target.

“In the past, I don't think we gave a lot of thought to cybersecurity,” said Robert Sakata, a farmer in Brighton, Colorado.

Sakata’s family has farmed for decades.

“So, my dad started the farm, and he and his family actually were farming in San Francisco when World War Two broke out, so they were moved to an internment camp, ended up in a camp in Utah,” said Sakata. “When he was released from that camp, Colorado was one of the few places that were actually not discouraging Japanese-Americans from coming in.”

Once the war ended, the Sakata family rebuilt their life and started a new farm 30 minutes outside of Denver.

Their farm, along with the thousands of other farms across the country, is now facing a new threat that didn’t exist just a few years ago.

“When you talked about security, it was somebody maybe coming out here, and believe it or not, that's what they've actually done—come out here and steal the wheels off of this sprinkler, steal the copper wire that's along there,” said Sakata.

But now, it’s also cybercriminals Sakata worries about. Any machine, like a tractor or a sprinkler system that’s connected to the internet could be hacked and remotely controlled.

These threats could mean interruptions to daily life for millions of Americans.

“If a CPA firm gets breached, a bunch of social security numbers get stolen, you're dealing with identity theft. That's one thing, right? But when people don't have food, you're talking about riots in the streets,” said Joseph Brunsman, founder of the Brunsman Advisory Group. Brunsman is a provider for cybersecurity insurance.

Brunsman said these attacks, if large enough, could leave families hungry.

“A lot of people living on fixed incomes or people that are, you know, lower on the socio-economic scale, when food prices go up, you know, 10, 20, 30%, that means they have to make that decision: Am I going to pay for food? Am I going to pay for heating this month? So, it's really a serious, serious idea for a lot of people.”

Hackers can also stop farming equipment or food production equipment from working and demand a ransom be paid. Ransomware attacks have become more common, and food production has seen multiple large attacks in recent months.

Meatpacking company JBS was hacked in June and plants were shut down across the country after a ransomware attack.

JBS paid hackers $11M to get operations back online.

“This was a very difficult decision to make for our company, and for me personally,” said Andre Nogueira, the CEO of JBS USA. “However, we felt this decision had to be made to prevent any potential risk for our customers.”

“You hear about ransomware where you would totally lock up and we couldn't have control. That would be a real, real issue that then we couldn't water the crop at all,” said Sakata.

“Because everyone needs to eat, an attack, a successful attack within the food and agriculture industry can quickly cascade into a national security concern,” said Scott Algier, the executive director of the Information Technology Sharing and Analysis Center, known as IT-SAC. “We're seeing a lot of the same attacks on other industries already, but some of the potential consequences could be a little more impactful.”

In addition to ransomware, there’s concern about groups hacking and stealing intellectual property – like seed formulas.

“There's a lot of intellectual property that the fruit and agriculture industry has that that is of interest to other organizations, other countries,” said Algier.

“We could lose our entire year of income by somebody taking over something and creating a problem by not letting the sprinkler run or not having that shipment go through,” said Sakata. “So, it's a big risk not only just for my family, but then for whoever is depending on those food sources.”

These threats are why Sakata goes old school on some things. He doesn’t connect his storage refrigerator to Wi-Fi to keep his crops safe.

“The only way somebody can hack it is really to break in at the door and change the settings,” said Sakata. “Even then, I have a password!”

What he can protect digitally, he does, and he said he and other farmers now often discuss how to defend themselves from cybercriminals.

“Whether it's going now to multiple-step verification, you need maybe another key fob that identifies yourself, that is all going to be critical as we move forward,” said Sakata.

Brunsman said cybersecurity insurance can also help, but there are several other inexpensive options for smaller farmers as well.

“Even really basic, very affordable controls, such as multi-factor authentication, having multiple backups, having offline backups, email security, security awareness training, that kind of stuff. It's not super expensive. It's really quite affordable. In many cases, it's like the cost of a cup of coffee per person per month. That can really go a long way,” said Brunsman.

Those who study these attacks say they’re happening every single day on a small scale. It’s only a matter of time before the next large-scale attack occurs.

“The threats are coming up and several different sides, we're seeing, we've already seen threats against both producers and production facilities,” said Doug Jacobson, a professor of electrical and computer engineering at Iowa State University. “We had a co-op here in Iowa that was attacked. So, we see it from the large organization side of things. But anybody on the internet, even a farmer can be attacked.”

“It's kind of scary,” said Sakata. “I think if you dwelled on it too long, it would keep you up at night.

He just hopes other farms will take the steps he’s taking to protect what we all can’t live without: our food supply.

“We need to really ensure that we're doing everything we can to protect that. It would be really scary if we ever got to the day where people would go to the grocery store and there wasn't, wasn't any food,” said Sakata.

Algier echoed the need for collaboration to stop cybercriminals.

“Cyberattacks are happening everywhere all the time. So, it is something that every enterprise, no matter your size, and no matter industry, something you need to pay attention to,” said Algier. "The cybersecurity threat is so big that nobody can do it, nobody can defend it against on their own.”

A ransomware attack on the world's largest meat processing company disrupted production around the world just weeks after a similar incident shut down a U.S. oil pipeline.

Brazil's JBS SA, however, said late Tuesday that it had made "significant progress" in dealing with the cyberattack and expected the "vast majority" of its plants to be operating on Wednesday.

"Our systems are coming back online and we are not sparing any resources to fight this threat," Andre Nogueira, CEO of JBS USA, said in a statement.

Earlier, the White House said JBS had notified the U.S. of a ransom demand from a criminal organization likely based in Russia. White House principal deputy press secretary Karine Jean-Pierre said the White House and the Department of Agriculture have been in touch with the company several times this week.

JBS is the second-largest producer of beef, pork and chicken in the U.S. If it were to shut down for even one day, the U.S. would lose almost a quarter of its beef-processing capacity, or the equivalent of 20,000 beef cows, according to Trey Malone, an assistant professor of agriculture at Michigan State University.

The closures reflect the reality that modern meat processing plants are heavily automated, for both food- and worker-safety reasons. Computers collect data at multiple stages of the production process, and orders, billing, shipping and other functions are all electronic.

JBS, which has not stated publicly that the attack was ransomware, said the cyberattack affected servers supporting its operations in North America and Australia. Backup servers weren't affected and it said it was not aware of any customer, supplier or employee data being compromised.

Malone said the disruption could further raise meat prices ahead of summer barbecues. Even before the attack, U.S. meat prices were rising due to coronavirus shutdowns, bad weather and high plant absenteeism. The U.S. Department of Agriculture has said it expects beef prices to climb 1% to 2% this year, poultry as much as 1.5% and pork between by from 2% and 3%.

JBS, which is a majority shareholder of Pilgrim's Pride, didn't say which of its 84 U.S. facilities were closed Monday and Tuesday because of the attack. It said JBS USA and Pilgrim's were able to ship meat from nearly all of its facilities Tuesday. The company also said it was making progress toward resuming plant operations in the U.S. and Australia. Several of the company's pork, poultry and prepared foods plants were operational today and its Canada beef facility resumed production, it said.

Earlier Tuesday, a union official confirmed that two shifts at the company's largest U.S. beef plant, in Greeley, Colorado, were canceled. Some plant shifts in Canada were also canceled Monday and Tuesday, according to JBS Facebook posts.

In Australia, thousands of meat plant workers had no work for a second day Tuesday, and a government minister said it might be days before production resumes. JBS is Australia's largest meat and food processing company, with 47 facilities across the country including slaughterhouses, feedlots and meat processing sites.

Jean-Pierre said the White House "is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbor ransomware criminals." The FBI is investigating the incident, and the Cybersecurity and Infrastructure Security Agency is offering technical support to JBS.

In addition, USDA has spoken to several major meat processors in the U.S. to alert them to the situation, and the White House is assessing any potential impact on the nation's meat supply.

JBS has more than 150,000 employees worldwide.

It's not the first time a ransomware attack has targeted a food company. Last November, Milan-based Campari Group said it was the victim of a ransomware attack that caused a temporary technology outage and compromised some business and personal data.

In March, Molson Coors announced a cyber attack that affected its production and shipping. Molson Coors said it was able to get some of its breweries running after 24 hours; others took several days.

Ransomware expert Brett Callow, a threat analyst at the security firm Emsisoft, said companies like JBS make ideal targets.

"They play a critical role in the food supply chain and threat actors likely believe this increases their chances of getting a speedy payout," Callow said.

Mark Jordan, who follows the meat industry as the executive director of Leap Market Analytics, said the disruption could be minimal assuming JBS recovers in the next few days. Meat processers are used to dealing with delays because of a host of factors, including industrial accidents and power outages, and they make up lost production with extra shifts, he said.

"Several plants owned by a major meatpacker going offline for a couple of days is a major headache, but it is manageable assuming it doesn't extend much beyond that," he said.

Jordan said it will help that U.S. meat demand generally eases for a few weeks between Memorial Day and the July 4 Independence Day holiday.

But the attacks can wreak havoc. Last month, a gang of hackers shut down operation of the Colonial Pipeline, the largest U.S. fuel pipeline, for nearly a week. The closure sparked long lines and panic buying at gas stations across the Southeast. Colonial Pipeline confirmed it paid $4.4 million to the hackers.

Jason Crabtree, the co-founder of QOMPLX, a Virginia-based artificial intelligence and machine learning company, said Marriott, FedEx and others have also been targeted by ransomware attacks. He said companies need to do a better job of rapidly detecting bad actors in their systems.

"A lot of organizations aren't able to find and fix different vulnerabilities faster than the adversaries that they're fighting,"' Crabtree said.

Crabtree said the government also plays a critical role, and said President Joe Biden's recent executive order on cybersecurity — which requires all federal agencies to use basic security measures, like multi-factor authentication — is a good start.

___

Durbin reported from Detroit. AP Writer Alan Suderman in Richmond, Virginia, and Alexandra Jaffe in Washington contributed.

NEW YORK —

The operator of the nation’s largest fuel pipeline confirmed it paid $4.4 million to a gang of hackers who broke into its computer systems.

Colonial Pipeline said Wednesday that after it learned of the May 7 ransomware attack, the company took its pipeline system offline and needed to do everything in its power to restart it quickly and safely, and made the decision then to pay the ransom.

"This decision was not made lightly," but it was one that had to be made, a company spokesman said. "Tens of millions of Americans rely on Colonial – hospitals, emergency medical services, law enforcement agencies, fire departments, airports, truck drivers and the traveling public."

Colonial Pipeline's CEO, Joseph Blount, told The Wall Street Journal he authorized the payment because the company didn't know the extent of the damage and wasn't sure how long it would take to bring the pipeline's systems back.

The FBI discourages making ransom payments to ransomware attackers, because paying encourages criminal networks around the globe who have hit thousands of businesses and health care systems in the U.S. in the past year alone. But many victims of ransomware attacks, where hackers demand large sums of money to decrypt stolen data or to prevent it from being leaked online, opt to pay.

"I know that’s a highly controversial decision," Blount told the Journal. "But it was the right thing to do for the country."

Blount said Colonial paid the ransom in consultation with experts who previously dealt with the group behind the attacks, DarkSide, which rents out its ransomware to partners to carry out the actual attacks.

Multiple sources had confirmed to The Associated Press that Colonial Pipeline had paid the criminals who committed the cyberattack a ransom of nearly $5 million in cryptocurrency for the software decryption key required to unscramble their data network.

A ransom payment of 75 Bitcoin was paid the day after the criminals locked up Colonial’s corporate network, according to Tom Robinson, co-founder of the cryptocurrency-tracking firm Elliptic. Prior to Robinson’s blog post, two people briefed on the case had confirmed the payment amount to AP.

Blount told the Journal the attack was discovered around 5:30 a.m. on May 7. It took Colonial about an hour to shut down the pipeline, which has 260 delivery points across 13 states and Washington, D.C., Blount said. That helped prevent the infection from potentially migrating to the pipeline's operational controls. But there are lingering issues. Blount said Colonial is still unable to bill customers following an outage of that system.

The pipeline system delivers about 45% of the gasoline consumed on the East Coast, and Colonial, which is based in Alpharetta, Georgia, halted fuel supplies for nearly a week. That led to panic-buying and shortages at gas stations from Washington, D.C. to Florida.

Colonial restarted its pipeline a week ago, but it took time to resume a full delivery schedule, and the panic-buying led to gasoline shortages. More than 9,500 gas stations were out of fuel on Wednesday, including half of the gas stations in D.C. and 40% of stations in North Carolina, according to Gasbuddy.com, which tracks fuel prices and station outages.

___

Associated Press Writer Frank Bajak contributed to this report from Boston.