Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

Chemonics International Data Breach Impacts 260,000 Individuals

Development firm Chemonics International has disclosed a year-old data breach impacting over 260,000 people.

Chemonics International is notifying over 260,000 individuals that their personal information was compromised in a year-old data breach.

Chemonics is an international development company based in Washington, D.C. The organization has projects in dozens of countries around the world, in areas such as economic growth, agriculture and food security, conflict and crisis, democracy and governance, education, natural resources and environment, social inclusion, health, supply chains, water, and energy.

The incident was discovered on December 15, 2023, but the attackers lingered in its environment between May 2023 and January 2024, Chemonics says.

“On December 15, 2023, Chemonics became aware of suspicious activity related to certain user accounts. Upon discovery, we enacted our response protocols, including conducting password resets and disabling impacted accounts,” the company announced this week.

Chemonics’ investigation revealed that the attackers had access to certain personal information, including names, addresses, email addresses, dates of birth, driver’s license and other ID information, and Social Security numbers.

Financial and health information, account credentials, biometric data, and signatures were also compromised during the incident, the company says, adding that it is not aware of the misuse of this information.

Chemonics says it has strengthened email security and multi-factor authentication, deployed additional endpoint security solutions, and started blocking suspicious traffic to improve its overall security stance.

This week, Chemonics informed the Maine Attorney General’s Office that 263,136 people were affected. The company is providing them with 24 months of free identity protection and credit monitoring services.

Advertisement. Scroll to continue reading.

Related: In Other News: OPPC Breach Impacts 1.7M, US Soldier Suspected in Snowflake Hack, Cloudflare Loses Logs

Related: Ford Blames Third-Party Supplier for Data Breach

Related: Hacker Claims Major Chinese Citizens’ Data Theft

Related: Data of 7 Million OpenSubtitles Users Leaked After Hack Despite Site Paying Ransom

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

MorganFranklin Cyber has appointed Keith Hollender as CEO and member of the Board of Directors.

Lisa Banks has been named Chief Financial Officer at Abnormal Security.

Threat detection and response company Trellix has appointed Vishal Rao as its new CEO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.