Infosys McCamish Techniques (IMS) disclosed that the LockBit ransomware assault it suffered earlier this yr impacted delicate info of greater than six million people.
IMS is a multinational company that gives enterprise consulting, info expertise, and outsourcing providers. It makes a speciality of overlaying the wants of companies within the insurance coverage and monetary providers industries.
The corporate has a major presence within the U.S., serving giant monetary establishments such because the Financial institution of America and 7 out of the highest ten insurers within the nation.
In February 2024, IMS knowledgeable the general public that it had been hit by a ransomware in November 2023, which resulted within the compromise of the private information of about 57,000 Financial institution of America clients.
On the time, LockBit claimed the assault and mentioned that it had encrypted 2,000 computer systems on the IMS community.
In a brand new notification shared with the authorities within the U.S., IMS now says the overall variety of individuals affected by the November 2023 ransomware assault is just a little over 6 million.
“With the help of third-party eDiscovery consultants, retained by exterior counsel, IMS proceeded to conduct a radical and time-intensive evaluation of the info at problem to establish the private info topic to unauthorized entry and acquisition and decide to whom the private info relates,” reads the notification.
“IMS has notified its impacted organizations of the Incident and of the compromise of any private info pertaining to them.”
The info confirmed as compromised varies from one particular person to a different however contains the next:
- Social Safety Quantity (SSN)
- Date of delivery
- Medical remedy/report info
- Biometric information
- E mail deal with and password
- Username and password
- Driver’s License quantity or state ID quantity
- Monetary account info
- Cost card info
- Passport quantity
- Tribal ID quantity
- U.S. navy ID quantity
To mitigate the danger from the publicity, the notification letters enclose directions on find out how to entry a free-of-charge, two-year id safety and credit score monitoring service by Kroll.
IMS has not disclosed which of its purchasers had been impacted, aside from Oceanview Life and Annuity Firm (OLAC), an Arizona-based mounted and fixed-indexed annuities supplier that secures retirement earnings for policyholders.
IMS’ discover mentions that the listing of impacted information homeowners, at present solely itemizing OLAC, could also be supplemented on a rolling foundation as extra clients request to be named within the submitting.
