Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

Chemonics International Data Breach Impacts 260,000 Individuals

Development firm Chemonics International has disclosed a year-old data breach impacting over 260,000 people.

Chemonics International is notifying over 260,000 individuals that their personal information was compromised in a year-old data breach.

Chemonics is an international development company based in Washington, D.C. The organization has projects in dozens of countries around the world, in areas such as economic growth, agriculture and food security, conflict and crisis, democracy and governance, education, natural resources and environment, social inclusion, health, supply chains, water, and energy.

The incident was discovered on December 15, 2023, but the attackers lingered in its environment between May 2023 and January 2024, Chemonics says.

“On December 15, 2023, Chemonics became aware of suspicious activity related to certain user accounts. Upon discovery, we enacted our response protocols, including conducting password resets and disabling impacted accounts,” the company announced this week.

Chemonics’ investigation revealed that the attackers had access to certain personal information, including names, addresses, email addresses, dates of birth, driver’s license and other ID information, and Social Security numbers.

Financial and health information, account credentials, biometric data, and signatures were also compromised during the incident, the company says, adding that it is not aware of the misuse of this information.

Advertisement. Scroll to continue reading.

Chemonics says it has strengthened email security and multi-factor authentication, deployed additional endpoint security solutions, and started blocking suspicious traffic to improve its overall security stance.

This week, Chemonics informed the Maine Attorney General’s Office that 263,136 people were affected. The company is providing them with 24 months of free identity protection and credit monitoring services.

Related: In Other News: OPPC Breach Impacts 1.7M, US Soldier Suspected in Snowflake Hack, Cloudflare Loses Logs

Related: Ford Blames Third-Party Supplier for Data Breach

Related: Hacker Claims Major Chinese Citizens’ Data Theft

Related: Data of 7 Million OpenSubtitles Users Leaked After Hack Despite Site Paying Ransom

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this live webinar as we break down why email-layer defenses alone can't keep pace with the modern phishing ecosystem, how agentic AI is changing the capacity equation for security teams, and more.

Register

This year's summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments. Interact with leading solution providers and other end users facing similar challenges in securing a variety of cloud deployments.

Register

People on the Move

James Phillips has been promoted to the role of Vice President, Cybersecurity Risk Management at AT&T.

Rafal Los has joined Binary Defense as Chief Strategy Officer.

Tracey Mustacchio has joined Everfox as Chief Marketing Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.