It took nine months for some reason, but Greylock McKinnon Associates (GMA), a US consulting firm, has finally disclosed a data breach and the fact that as many as 340,000 Social Security numbers were stolen.
The breach was disclosed on Maine’s government website where data breach notifications affecting residents of the state have to be posted.
GMA filed a notice in February when it first discovered the breach but has only now said that the hackers have illicitly obtained hundreds of thousands of Social Security numbers of their victims.
The firm, which provides economic and litigation services to companies and US government agencies, including the Department of Justice (DOJ), did not specify the type of a cyberattack but said it “promptly took steps to mitigate the incident” in its data breach notice sent by mail to affected victims.
“We consulted with third-party cybersecurity specialists to assist with our response to the incident, and we notified law enforcement and the DOJ. Your personal and Medicare information was likely affected in this incident,” said GMA.
According to the company, this information may have included the victim’s name, date of birth, address, Medicare Health Insurance Claim number (containing a Social Security number associated with a member), and other medical or health insurance data.
In the notice, GMA also said that the personal information of affected individuals had previously been obtained by the DOJ “as part of a civil litigation matter.” The firm also deleted DOJ data from its systems after the incident.
More details about the case haven’t yet been given but GMA said that the people notified of the data breach are not the subject of the said investigation. The firm added that the cyberattack did not “impact your current Medicare benefits or coverage.”
It took nine months for GMA to disclose the incident, but the company said it needed the time to confirm the identities of affected individuals.
Your email address will not be published. Required fields are markedmarked