Artech Information Systems, a minority- and women-owned diversity supplier and one of the largest IT staffing companies in the U.S., has disclosed a data breach exposing personal, financial, and health information of some of its clients. Notably, the attack occurred in January, eight months ago.
Artech disclosed the breach in a letter to affected parties, noting that its IT people noticed suspicious activity related to an employee’s user account in early January. Three days later, the firm’s systems had gotten infected with the REvil ransomware strain, but not before the hackers copied personal, health, and financial information of multiple individuals stored on the compromised systems.
“The investigation determined that at the time of the incident the involved files may have contained information including name, Social Security number, medical information, health insurance information, financial information, payment card information, driver’s license/state identification number, government-issued identification number, passport number, visa number, electronic/digital signature, username and password information,” Artech says in a letter to affected customers.
BleepingComputer reportedly became aware of the breach on January 11, when the REvil gang advertised 337MB of the stolen data on a website used to shame victims and coerce them into paying a ransom. Artech allegedly ignored the publication’s emails and only recently acknowledged the hack, leaving affected customers vulnerable to fraud and phishing attacks.
Artech urges affected clients to monitor their bank statements for suspicious activity and be on the lookout for fraud and identity theft. The firm is offering free credit monitoring and identity protection to all affected customers.
As noted by Databreaches.net, Artech first sent out breach notifications at the beginning of September, despite completing its investigation at the end of June. From early January to early September, Artech knowingly left customers at risk of fraud and ID theft.