Morley Companies has admitted it was hit with a ransomware attack that led to the leak of sensitive information for more than 500,000 people. The incident began on August 1, 2021, when Morley's data became unavailable.
Morley, which provides services to several Fortune 500 companies, thereafter began collecting contact information needed to provide notice to potentially affected 521,046 individuals, which was completed in early 2022. Some of them had their Social Security numbers leaked in the attack.
In filings with the Maine's Office of the Attorney General, the company explains that 521,046 people were affected. Morley said it also provided access to complimentary credit monitoring and identity theft protection services to individuals whose Social Security numbers may have been involved in the incident.
The company said, "The following personal and protected health information may have been involved in the incident: name, address, Social Security number, date of birth, client identification number, medical diagnostic and treatment information, and health insurance information. We are not aware of the misuse of any potentially affected individual's information. That investigation revealed that a ransomware-type malware had prevented access to some data files on our system beginning August 1, 2021 and there was unauthorized access to some files that contained personal information.”
Morley hired cybersecurity experts to respond to the situation but needed six months to collect the "contact information needed to provide notice to potentially affected individuals".
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
