“Infosys McCamish Systems hit by LockBit ransomware, over 6 million individuals’ sensitive data compromised.”
Infosys McCamish Systems Hit by LockBit Ransomware: Over 6 Million Affected
Infosys McCamish Systems (IMS) (a subsidiary of the Indian multinational corporation Infosys), a leading provider of business consulting, information technology, and outsourcing services, had disclosed that it suffered ransomware attack earlier this year impacted sensitive information.
IMS, which specializes in covering the needs of firms in the insurance and financial services industries, has a significant presence in the U.S., serving large financial institutions such as the Bank of America and seven out of the top ten insurers in the country.
In February 2024, IMS informed the public that it had been hit by a ransomware in November 2023, which resulted in the compromise of the personal data of about 57,000 Bank of America customers.
At the time, LockBit claimed the attack and said that it had encrypted 2,000 computers on the IMS network. In a new notification shared with the authorities in the U.S., IMS now says the total number of people affected by the November 2023 ransomware attack is a little over 6 million.
The LockBit group, known for its sophisticated and aggressive tactics, has been responsible for numerous ransomware attacks across the globe. Their modus operandi typically involves infiltrating an organization’s network, encrypting critical data, and demanding a hefty ransom in exchange for the decryption key.
In many cases, even if the ransom is paid, there is no guarantee that the data will be fully recovered or that it hasn’t been copied or sold on the dark web.
“With the assistance of third-party eDiscovery experts, retained through outside counsel, IMS proceeded to conduct a thorough and time-intensive review of the data at issue to identify the personal information subject to unauthorized access and acquisition and determine to whom the personal information relates,” reads the notification. “IMS has notified its impacted organizations of the Incident and of the compromise of any personal information pertaining to them.”
The data confirmed as compromised varies from one individual to another but includes Social Security Numbers (SSN), dates of birth, medical treatment/record information, biometric data, email addresses and passwords, usernames and passwords, driver’s license numbers or state ID numbers, financial account information, payment card information, passport numbers, tribal ID numbers, and U.S. military ID numbers.
To reduce the risk from the exposure, the notification letters enclose instructions on how to access a free-of-charge, two-year identity protection and credit monitoring service through Kroll.
The breach at Infosys McCamish Systems was particularly alarming due to the sheer volume of personal data that was compromised. The exposed information included names, addresses, social security numbers, and other sensitive details that could potentially be used for identity theft and other malicious activities. The incident raised serious questions about the company’s cybersecurity measures and its ability to protect customer data.
IMS has not disclosed which of its clients were impacted, except for Oceanview Life and Annuity Company (OLAC), an Arizona-based fixed and fixed-indexed annuities provider that secures retirement income for policyholders. IMS’ notice mentions that the list of impacted data owners, currently only listing OLAC, may be supplemented on a rolling basis as more customers request to be named in the filing.
The breach at IMS serves as a stark reminder of the ever-present threat of cyber attacks and their potential to affect millions of individuals.
It also highlights the importance for companies to have robust cybersecurity measures in place to protect sensitive customer data. As cyber threats continue to evolve, businesses must remain vigilant and proactive in their efforts to safeguard against such attacks.