United States-based Nokia-owned SAC Wireless has started sending notification letters to its current and former employees to inform them of a data breach that might have impacted them.
In a notification letter filed with the Maine Attorney General’s Officer, the company said personal information of roughly 6500 individuals was compromised during a ransomware attack that was identified in mid-June.
An investigation launched into the incident, the company says, has revealed that the attackers first compromised SAC Wireless’ systems in April 13.
The threat actor, known for the use of Conti ransomware, uploaded tools onto the firm’s cloud storage, and deployed ransomware only two months later, on June 13, SAC Wireless disclosed.
While the investigation continues, the company says the attackers were able to exfiltrate large amounts of personal information relating to current and former SAC Wireless employees.
[ READ: FBI Shares Details on ‘OnePercent Group’ Ransomware Operators ]
The compromised data includes names, birth dates, addresses, email addresses, phone numbers, driver’s license numbers, passport or military ID numbers, work information, medical history, Social Security Numbers, data on health insurance policy, license plate numbers, tax return information, digital signatures, and more.
“To the extent that one of your dependents or beneficiaries was included on an SAC Wireless health plan, their personal information may also have been compromised,” the company said.
In addition to taking systems offline to limit the damage incurred by ransomware, the company provided additional training to employees, improved network and endpoint monitoring, expanded multi-factor authentication, and improved threat-hunting and detection capabilities.
The Conti ransomware group claims to have stolen more than 250 GB of data from SAC Wireless. On their leak site, the cybergang threatens to make the exfiltrated data public unless Nokia pays the demanded ransom.
Headquartered in Chicago, IL, SAC Wireless was bought by Nokia in 2014. The company provides wireless network design, deployment, and maintenance services to telecommunication companies in the United States.
Related: New Ransomware ‘Diavol’ Linked to Notorious Cybercrime Gang
Related: Ireland’s Health Service Executive Held to Ransom by Conti Gang
More from Ionut Arghire
- Ransomware Gang Publishes Data Allegedly Stolen From Maritime Firm Royal Dirkzwager
- Zoom Paid Out $3.9 Million in Bug Bounties in 2022
- Malicious NuGet Packages Used to Target .NET Developers
- Google Pixel Vulnerability Allows Recovery of Cropped Screenshots
- Millions Stolen in Hack at Cryptocurrency ATM Manufacturer General Bytes
- NBA Notifying Individuals of Data Breach at Mailing Services Provider
- Adobe Acrobat Sign Abused to Distribute Malware
- Latitude Financial Services Data Breach Impacts 300,000 Customers
Latest News
- Verosint Launches Account Fraud Detection and Prevention Platform
- Ransomware Gang Publishes Data Allegedly Stolen From Maritime Firm Royal Dirkzwager
- Zoom Paid Out $3.9 Million in Bug Bounties in 2022
- Oleria Scores $8M Seed Funding for ID Authentication Technology
- Exploitation of 55 Zero-Day Vulnerabilities Came to Light in 2022: Mandiant
- News Analysis: UK Commits $3 Billion to Support National Quantum Strategy
- Malicious NuGet Packages Used to Target .NET Developers
- Google Pixel Vulnerability Allows Recovery of Cropped Screenshots
