SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Breaches

EquiLend Ransomware Attack Leads to Data Breach 

EquiLend is informing its employees that their personal information was compromised in a January ransomware attack.

Fintech firm EquiLend has started sending notification letters to its employees to inform them of a data breach resulting from a January 2024 ransomware attack.

On January 24, the company announced that some of its systems were taken offline due to “a technical issue” and that services would be disrupted for several days.

EquiLend, which confirmed the next day that the disruption was caused by a ransomware attack, was able to restore its client-facing services by February 5, but shared no details on the scope of the attack until now.

Last week, the company informed the Massachusetts Office of Consumer Affairs and Business Regulation (OCABR) of a data breach resulting from the ransomware attack and started notifying the impacted individuals.

In the notification letter, a copy of which was submitted to the OCABR, EquiLend revealed that personal information such as names, dates of birth, and Social Security numbers, along with EquiLend payroll information, was compromised in the attack.

“At this time, we have no evidence from the investigation that any personal information has been used to commit identity theft or fraud,” the notification letter reads.

However, the company is providing the impacted individuals with complimentary identity theft protection services at no cost.

The fintech firm has not shared information on the number of impacted individuals. SecurityWeek has emailed EquiLend for clarification on the matter and will update this article as soon as a reply arrives.

Advertisement. Scroll to continue reading.

“We have not identified evidence that client transaction data was accessed or exfiltrated in the cybersecurity incident,” the company said in an incident FAQ last updated on February 25.

A financial technology and analytics firm created in 2001 by a consortium of banks and broker-dealers, EquiLend provides a centralized platform for the securities-lending industry.

The LockBit ransomware group, which was disrupted last month in an international law enforcement operation, took credit for the attack on EquiLend, according to Bloomberg.

Related: Change Healthcare Restores Pharmacy Services Disrupted by Ransomware

Related: Critical Infrastructure Organizations Warned of Phobos Ransomware Attacks

Related: LockBit Ransomware Gang Resurfaces With New Leak Site

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

More from

Latest News

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

CIEM Chat: How to Reduce Cloud Identity Risk
March 26, 2024

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

Virtual Event: Ransomware Resilience & Recovery Summit
April 17, 2024

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Mike Dube has joined cloud security company Aqua Security as CRO.

Cody Barrow has been appointed as CEO of threat intelligence company EclecticIQ.

Shay Mowlem has been named CMO of runtime and application security company Contrast Security.

More People On The Move

Expert Insights

Related Content

Ransomware Alerts Ransomware Alerts

Cybercrime

Cyber Insights 2023 | Ransomware

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

February 2, 2023
ChatGPT attack ChatGPT attack

Data Breaches

ChatGPT Data Breach Confirmed as Security Firm Warns of Vulnerable Component Exploitation

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

March 28, 2023
Zendesk Hacked After Employees Fall for Phishing Attack

Cybercrime

Zendesk Hacked After Employees Fall for Phishing Attack

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

January 24, 2023
SharePoint Online (Office 365) Ransomware Attach SharePoint Online (Office 365) Ransomware Attach

Ransomware

SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint

A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.

June 9, 2023
Dish Network Dish Network

Cybercrime

Dish Network Says Outage Caused by Ransomware Attack

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

March 1, 2023
Hackers Stole Encrypted Backups, MFA Settings from GoTo, LastPass Hackers Stole Encrypted Backups, MFA Settings from GoTo, LastPass

Data Breaches

LastPass Says DevOps Engineer Home Computer Hacked

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

February 27, 2023
Okta hack Okta hack

CISO Strategy

Okta Hack Blamed on Employee Using Personal Google Account on Company Laptop

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.

November 3, 2023
Delta Dental Says Data Breach Exposed 7 Million Customers

Data Breaches

Delta Dental Says Data Breach Exposed 7 Million Customers

Delta Dental of California says over 6.9 million individuals were impacted by a data breach caused by the MOVEit hack.

December 18, 2023