Rail contractor RailWorks Corporation is notifying employees and third-parties that it recently fell victim to a ransomware attack in which sensitive information might have been compromised.
Founded in 1998, the track, transit and rail system services provider builds and maintains rail transportation infrastructure in the United States and Canada. The company has more than 3,500 employees in North America.
At the end of January, the company started informing employees of a cyber-incident that resulted in servers and systems being encrypted, and has since filed data breach notifications with California’s Office of the Attorney General.
The incident, which the company refers to as a “sophisticated cyberattack,” was clearly a ransomware attack, where cybercriminals managed to compromise systems within the contractor’s environment and plant data-encrypting malware on them.
The affected machines, RailWorks explains in the breach notifications, might have contained personally identifiable information (PII) of its employees, former employees, and third-party contractors.
The incident “may have involved access to your name, address, driver’s license number and/or government issued ID, Social Security number, date of birth and date of hire/termination and/or retirement,” the company told its employees.
Data that RailWorks stored on non-employees, and which might have been affected, includes names, addresses, Social Security numbers, dates of birth, and dates of hire/termination and/or retirement, the contractor said in a second data breach notification.
A third notification filed with California’s Office of the Attorney General covers potentially compromised data of impacted individuals’ minor children.
RailWorks says it has no indication that the personal information of the affected individuals or their minor children was misused, but offers free credit monitoring as a precautionary measure.
What the company hasn’t disclosed yet is the number of affected individuals and how the hackers gained access to its systems in the first place.
SecurityWeek has emailed RailWorks for additional information on the incident and will update the article as soon as a reply arrives.
Related: Netherlands University Pays $240,000 After Targeted Ransomware Attack
Related: Operations at U.S. Natural Gas Facilities Disrupted by Ransomware Attack
Related: Christmas Ransomware Attack Hit New York Airport Servers
More from Ionut Arghire
- Blackpoint Raises $190 Million to Help MSPs Combat Cyber Threats
- ‘Asylum Ambuscade’ Group Hit Thousands in Cybercrime, Espionage Campaigns
- Google Cloud Now Offering $1 Million Cryptomining Protection
- Pharmaceutical Giant Eisai Takes Systems Offline Following Ransomware Attack
- North Korean Hackers Blamed for $35 Million Atomic Wallet Crypto Theft
- Cisco Patches Critical Vulnerability in Enterprise Collaboration Solutions
- Android’s June 2023 Security Update Patches Exploited Arm GPU Vulnerability
- US, Israel Provide Guidance on Securing Remote Access Software
Latest News
- In Other News: AI Regulation, Layoffs, US Aerospace Attacks, Post-Quantum Encryption
- Blackpoint Raises $190 Million to Help MSPs Combat Cyber Threats
- Google Introduces SAIF, a Framework for Secure AI Development and Use
- ‘Asylum Ambuscade’ Group Hit Thousands in Cybercrime, Espionage Campaigns
- Evidence Suggests Ransomware Group Knew About MOVEit Zero-Day Since 2021
- SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint
- Google Cloud Now Offering $1 Million Cryptomining Protection
- Democrats and Republicans Are Skeptical of US Spying Practices, an AP-NORC Poll Finds
