Security Experts:

Business Services Firm Morley Discloses Data Breach Affecting 500,000 People

Business services company Morley this week announced being targeted in a ransomware attack that may have resulted in the information of more than 500,000 individuals getting stolen.

In letters sent to impacted individuals, Morley, which serves Fortune 500 and Global 500 companies across various industries, said the incident was discovered in August 2021, when it noticed that some files became inaccessible due to a ransomware infection.

An investigation revealed that the attackers may have gained access to client and employee data, including personal and protected health information.

Potentially stolen information includes name, social security number, date of birth, client identification number, health insurance information, and medical diagnostic and treatment information.

The company told the Maine Attorney General that more than 521,000 individuals are impacted. The AG’s office was also informed that the breach occurred in July 2021.

While Morley says there is no evidence that the exposed information has been misused, potentially affected people are being notified and those whose SSNs have been exposed are being offered 24 months of free credit and identity monitoring services via IDX.

Related: Apex Laboratory Says Patient Data Stolen in Ransomware Attack

Related: Ransomware Operators Leak Data Stolen From Logistics Giant Hellmann

Related: Additional Healthcare Firms Disclose Impact From Netgain Ransomware Attack

Related: Marine Services Provider Swire Pacific Offshore Discloses Data Breach

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.