We’ve been trying to find a solution to restore all data the was adding into our systems post Nov. 11th, 2019 and at this time it’s not possible. We recommend that if you continue to use our apps, you will need to reenter that missing data.
We apologize for this unfortunate incident, and steps have been taken to ensure that this problem never happens again.
If you downloaded the app after Nov. 11th, 2019, you’ll need to delete the app, re-download it, and start completely over. If you made a purchase within the app, touch the “Restore” button on the bottom of the screen if it prompts you to pay again.
As you may have read, we recently got hit by the new “Ako / MedusaReborn” ransomware via a Remote Desktop hack. We do have backups of your data post Nov 11th, 2019, but the problem is that the ransomware encrypted our backups, which were stored elsewhere and thought to have been safe from this type of attack. Because the backup is encrypted, and security researchers have yet to come up with a decryption executable yet, we’re forced to wait until one appears. The randsom that the hackers have asked for to decrypt our backup is an astronomically high dollar amount. Not only do we not have the amount they are asking for, but even if we did it would bankrupt us. We are a very small company.
Emsisoft (https://www.emsisoft.com/ransomware-decryption-tools/) has decryptors for ransomware, but right now they have identified this as “not decryptable”. Details on this specific randsomware can be found here: https://www.bleepingcomputer.com/news/security/ako-ransomware-another-day-another-infection-attacking-businesses/
Research is being done to get a decryptor made, and a search for “MedusaReborn” on Twitter shows that security researchers are looking into it. As soon as a decryptor becomes available, we will try and unlock our database and do imports of lost data on an as-needed and as-requested basis. The problem is that we DO NOT KNOW when this will be. It could be tomorrow, it could be in a year, it could be never.
Since the attack we’ve enhanced our backup process to include a more robust offline storage system. We’ve also upgraded our OS to the absolute latest version on our server, installed special two-factor authentication (2FA) for remote entry, and will be adding new backup options within our apps for iCloud and Dropbox integration for users to turn on if they wish. More enhancements will be coming soon as well.