Exploit: Ransomware
Artech Information Systems: Staffing Firm
Risk to Small Business: 1.602 = Extreme Artech Information Systems, one of the largest IT staffing companies in the US, just announced that they’d had a data breach exposing personal, financial, and health information of some of its clients. The company was informed by security researchers that the REvil gang advertised 337MB of stolen data in January, but Artech first sent out breach notifications at the beginning of September, despite completing its investigation at the end of June, leaving clients exposed to risk for 8 months.
Individual Risk: 2.424 = Severe The stolen files contained PII including names, Social Security numbers, medical information, health insurance information, financial information, payment card information, driver’s license/state identification numbers, government-issued identification numbers, passport numbers, visa numbers, electronic/digital signatures, usernames, and passwords. information. Affected clients have been notified and told to monitor their bank statements for suspicious activity and be on the lookout for fraud and identity theft. The firm is offering free credit monitoring and identity protection to all affected customers.
Customers Impacted: 10,000+
How it Could Affect Your Customers’ Business: Ransomware is a terrifying specter, but it can be ameliorated. What can’t is a failure to even tell your clients that they’re at risk for 8 months or more.
Risk Levels:
1 - 1.5 = Extreme Risk
1.51 - 2.49 = Severe Risk
2.5 - 3 = Moderate Risk
*The risk score is calculated using a formula that considers a wide range of factors related to the assessed breach.
