Law firm Campbell Conroy & O’Neil has warned of a breach from late February which may have exposed data from the company’s lengthy client list of big-name corporations including Apple and IBM.
The breach, which was discovered on 27 February 2021 when a ransomware infection blocked access to selected files on the company’s internal systems, has been blamed on an unnamed “unauthorised actor.”
While it’s not yet known precisely what data was accessed during the breach, the system affected held a treasure trove including “certain individuals’ names, dates of birth, driver’s license numbers/state identification numbers, financial account information, Social Security numbers, passport numbers, payment card information, medical information, health insurance information, biometric data, and/or online account credentials (i.e. usernames and passwords),” the company confirmed in a statement regarding the attack.
The company has also offered those affected a 24-month subscription to credit monitoring, fraud consultation, and identity theft restoration services – but only if they had their Social Security numbers held on the system. For those whose data did not include Social Security numbers, they get nothing bar the company’s apologies.
Source: US legal eagles representing Apple, IBM, and more take 5 months to inform clients of ransomware data breach • The Register