The Alcohol & Drug Testing Service (TADTS) has announced that a cyberattack exposed hundreds of thousands of people, revealing data ranging from their names to biometrics. The company provides employee drug and alcohol testing services.
Attackers breached the company in early July 2024, and the TADTS security team caught up with cyber crooks five days later. According to a breach notification that the company sent to impacted individuals, the attackers managed to access and download company data.
TADTS manages drug and alcohol programs for businesses around the US, which means that it handles extremely sensitive details of employees from numerous American companies.
While the breach notice doesn’t discuss the type of attack TADTS suffered from, ransomware gang BianLian posted the company on its dark web leak site in July of last year. At the time, attackers said they had access to hundreds of gigabytes of TADTS’ data.
Meanwhile, information the company recently submitted to the Maine Attorney General’s Office revealed that the July 2024 cyberattack exposed over 748,000 people. It took the company a while to investigate the attack and start informing individuals whose data was involved.
“With the assistance of a professional data mining team, we conducted a thorough review of the data, which took multiple months to complete given the scope of information downloaded by the unauthorized actor,” the breach notice explained.
“With the assistance of a professional data mining team, we conducted a thorough review of the data, which took multiple months to complete given the scope of information downloaded by the unauthorized actor,”
the breach notice explained.
TADTS’ data incident notice, which it published on its website, says that the exposed details include:
- Names
- Dates of birth
- Social Security numbers (SSNs)
- Driver’s license/government-issued IDs
- Passport numbers
- Bank/financial information
- Credit/debit card information
- Usernames and passwords
- Emails and passwords
- Health insurance information
- US Citizen and Immigration Services (USCIS) or alien registration numbers
- Biometric information
“Note this list describes general categories of information present within the affected systems and includes categories that may not apply to each potentially impacted individual,” the notice said.
However, if attackers managed to access all listed details on a single person, they’d have a full and comprehensive list for identity theft. Cybercrooks could utilize the leaked details to take out loans, commit fraud, open accounts, and commit other cyber crimes that could negatively impact exposed persons’ credit rating and financial well-being.
While breached companies often offer exposed individuals free credit monitoring and identity theft services, the TADTS breach notice said the company was unaware of cases where stolen data was misused and advised people whose data was stolen a year ago to monitor free credit reports and review account statements.
The BianLian ransomware group was first spotted in June 2022. The group develops and deploys its own ransomware variant, mainly targeting critical infrastructure sectors in the US and Australia, according to a 2023 advisory alert by the US Cybersecurity and Infrastructure Security Agency (CISA).
BianLian, which tends to go after small and midsize businesses, has since branched out to claim victims in the medical, professional, and real estate industries, including the US Better Business Bureau (BBB) and Affiliated Dermatologists.
Attacks on other high-profile victims, such as Air Canada, Tennessee State University, and Ashley Furniture, were carried out in 2023. According to the Cybernews dark web monitoring tool, Ransomlooker, the gang has victimized at least 94 organizations in the past 12 months.
Your email address will not be published. Required fields are markedmarked