Software provider IMS says November ransomware attack affected over 6 million customers

Software service provider Infosys McCamish Systems revealed that the data security incident it suffered last year compromised the sensitive personal information of more than 6 million individuals.

 

In a filing with the Office of the Maine Attorney General, Infosys McCamish Systems (IMS) said that on November 2, 2023, it became aware of a data security incident that involved threat actors infiltrating its internal network and encrypting certain IMS systems with ransomware.

 

IMS immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident. It also notified law enforcement authorities about the incident and took steps to contain the same.

 

The software provider said its investigation revealed that unauthorized activity occurred between October 29, 2023, and November 2, 2023.

 

“Through the investigation, it was also determined that data was subject to unauthorised access and acquisition. On May 28, 2024, after a comprehensive review, it was determined that some of your personal information was subject to unauthorised access/ acquisition,” the company said in its letter to affected customers.

 

The compromised data includes Social Security Numbers, dates of birth, medical treatment/record information, biometric data, email addresses and passwords, usernames and password, Driver’s License numbers or state ID numbers, financial account information, payment card information, passport numbers, tribal ID numbers, and U.S. military ID numbers.

 

The company’s filing with the Maine state regulator also revealed that at least 6,078,263 individuals were impacted by the incident.

 

While IMS found no evidence of the compromised information being misused, it advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and state attorney general. It has also offered two years of complimentary identity protection and credit monitoring services through Kroll to all affected individuals.

 

In November, the LockBit ransomware group claimed responsibility for the cyber attack on IMS and listed the company as a victim on its data leak site. The group claimed to be in possession of 50GB data stolen from the company and encrypted more than 2,000 systems.