Specialty networking solutions provider Belden on Wednesday shared an update on the data breach disclosed in November 2020, and said health-related information was also exposed.
Belden revealed in November that it had detected a data breach that resulted in the theft of some information pertaining to business partners, as well as current and former employee data. The company has described it as a “sophisticated cyberattack.”
“Personal information accessed and stolen may have contained such information as names, birthdates, government-issued identification numbers (for example, social security / national insurance), bank account information of North American employees on Belden payroll, home addresses, email addresses and other general employment-related information. Limited company information accessed and stolen related to some of our business partners include bank account data and, for U.S. partners, their taxpayer ID numbers,” the company told SecurityWeek at the time.
In an update shared this week, Belden said further analysis revealed that the compromised servers also stored personal information on the spouses, dependents and relatives of some employees. The company also determined that some health-related information was exposed.
“The health-related information that may have been compromised as part of this incident included individuals’ names, gender and benefits information, such as their UMI (member) number, group number, coverage category, primary source of coverage, the effective date of coverage, additional sources of coverages, the effective date of any additional coverage, their relationship to a Belden employee and other benefits information,” Belden said on Wednesday.
“At this time we do not have reason to believe that any specific information related to any specific health conditions or diagnostic information was included in the incident,” it added.
The company’s investigation into the incident is ongoing, but it claims to be confident that the attackers have been locked out of its systems. Impacted individuals are being notified and offered identity monitoring services.
Related: Ubiquiti Shares Dive After Reportedly Downplaying ‘Catastrophic’ Data Breach
Related: Embedded Software Developer Wind River Discloses Data Breach
Related: Airbus CyberSecurity Subsidiary Stormshield Discloses Data Breach
Related: Air Charter Firm Solairus Aviation Suffers Data Breach