In a letter written to the Vermont Advocate General, Execupharm, which services pharmaceutical companies, has confirmed the attack.
Considering the letter, among the information the hackers accessed include social security numbers, taxpayer ID/EIN, driver’s license numbers, passport numbers, bank account numbers, credit card numbers, national insurance numbers, and national ID numbers.
The incident took place on March 13 via a phishing attack, and Execupharm notified law enforcement authorities on April 17.
Ransomware attackers usually do not publish the data, but they seek ransom in exchange for the data they steal. Perhaps, the cybercriminals resorted to publishing the data after Execupharm announced that it had retrieved its data and installed forensic tools on all systems in addition to isolating impacted systems.
Earlier this year, a Dutch university called Maastricht reportedly paid US$220,000 in ransom after a ransomware group stole its critical data, putting its research activity in jeopardy.
The outsourcing firm claims to have alerted the US security agencies soon after the incident and hired a cybersecurity firm to investigate the attack. Reports say a hackers group called CLOP is behind the attack.
“Our internal teams worked diligently with forensic consultants to rebuild the impacted servers from back up,” stated the company.
The news emerges barely a week after IT services major Cognizant admitted that it too had become a victim of a ransomware attack.
The rising wave of cyber incidents has no doubt left the outsourcing industry scrambling to safeguard its systems.