United States-based Nokia-owned SAC Wireless has started sending notification letters to its current and former employees to inform them of a data breach that might have impacted them.
In a notification letter filed with the Maine Attorney General’s Officer, the company said personal information of roughly 6500 individuals was compromised during a ransomware attack that was identified in mid-June.
An investigation launched into the incident, the company says, has revealed that the attackers first compromised SAC Wireless’ systems in April 13.
The threat actor, known for the use of Conti ransomware, uploaded tools onto the firm’s cloud storage, and deployed ransomware only two months later, on June 13, SAC Wireless disclosed.
While the investigation continues, the company says the attackers were able to exfiltrate large amounts of personal information relating to current and former SAC Wireless employees.
[ READ: FBI Shares Details on ‘OnePercent Group’ Ransomware Operators ]
The compromised data includes names, birth dates, addresses, email addresses, phone numbers, driver’s license numbers, passport or military ID numbers, work information, medical history, Social Security Numbers, data on health insurance policy, license plate numbers, tax return information, digital signatures, and more.
“To the extent that one of your dependents or beneficiaries was included on an SAC Wireless health plan, their personal information may also have been compromised,” the company said.
In addition to taking systems offline to limit the damage incurred by ransomware, the company provided additional training to employees, improved network and endpoint monitoring, expanded multi-factor authentication, and improved threat-hunting and detection capabilities.
The Conti ransomware group claims to have stolen more than 250 GB of data from SAC Wireless. On their leak site, the cybergang threatens to make the exfiltrated data public unless Nokia pays the demanded ransom.
Headquartered in Chicago, IL, SAC Wireless was bought by Nokia in 2014. The company provides wireless network design, deployment, and maintenance services to telecommunication companies in the United States.
Related: New Ransomware ‘Diavol’ Linked to Notorious Cybercrime Gang
Related: Ireland’s Health Service Executive Held to Ransom by Conti Gang