CSC ServiceWorks, a number one supplier of business laundry companies and air merchandising options, has disclosed a data breach after the non-public data of an undisclosed variety of people was uncovered in a 2023 cyberattack.
The corporate found the incident on February 4, 2024, after detecting uncommon exercise on its community. Subsequently, exterior cybersecurity consultants employed to research the incident discovered that unknown attackers had accessed some pc programs.
CSC ServiceWorks believes the risk actors had entry to compromised programs on its community from September 23, 2023, to February 4, 2024. After figuring out the affected information, it employed an information evaluation firm to find out what data was saved in information uncovered throughout the breach.
The laundry large added that it took measures to safe its pc programs in opposition to future assaults and notified related legislation enforcement businesses of the incident. It obtained the outcomes on June 17, 2024, and has been working to determine the proper addresses for the affected people since then.
Relying on the impacted particular person, the varieties of private data that had been uncovered within the data breach embrace a mix of:
- full title, date of delivery, and phone data,
- authorities identification (e.g., Social Safety or driver’s license quantity),
- monetary data (e.g., checking account and routing quantity),
- medical insurance data, and restricted medical data,
- and, in some circumstances, their youngsters’s private data.
It additionally supplies these affected by the data breach with a free Experian IdentityWorks membership to assist detect makes an attempt to misuse private data uncovered within the incident.
“We employed third-party consultants to deal with this case, carry out an investigation into the unauthorized exercise, and additional safe our programs to guard your data,” mentioned Christopher E. Mack, CSC ServiceWorks’ Chief Monetary Officer.
“CSC is offering this discover to offer you extra data on what occurred and a chance to enroll in free credit score monitoring.
In Could, TechCrunch reported that CSC ServiceWorks apologized and thanked two security researchers for locating a vulnerability that allowed anybody to do their laundry free of charge after ignoring their requests to repair the security flaw.
The corporate says it has over 150,000 purchasers in the US, Canada, and Europe, with a million machines in use at tens of hundreds of accommodations, laundromats, universities, and residential buildings.
A CSC ServiceWorks spokesperson was not instantly obtainable for remark when contacted by BleepingComputer at the moment.