LockBit Ransomware Attack on Infosys McCamish Systems Exposes Sensitive Data of Over Six Million Individuals

Infosys McCamish Systems (IMS) recently disclosed that a LockBit ransomware attack earlier this year compromised sensitive information of more than six million individuals. IMS, a multinational corporation specializing in business consulting, IT, and outsourcing services, primarily serves the insurance and financial services industries. The company has a significant presence in the U.S., catering to large financial institutions such as the Bank of America and seven out of the top ten insurers in the country. 

In February 2024, IMS informed the public about the ransomware attack that occurred in November 2023. Initially, the company reported that the personal data of around 57,000 Bank of America customers had been compromised. LockBit, the group responsible for the attack, claimed to have encrypted 2,000 computers within the IMS network.

A recent notification to U.S. authorities revealed that the total number of affected individuals now exceeds six million. The notification outlined the steps taken by IMS, including the involvement of third-party eDiscovery experts, to conduct a thorough review of the compromised data. 

This review aimed to identify the personal information accessed and determine the individuals impacted.

The compromised data includes a wide range of sensitive information, such as Social Security Numbers (SSNs), dates of birth, medical records, biometric data, email addresses and passwords, usernames and passwords, driver’s license or state ID numbers, financial account information, payment card detail

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.