Collabera hacked: IT staffing'n'services giant hit by ransomware, employee personal data stolen Hackers infiltrated Collabera, siphoned off at least some employees' personal information, and infected the US-based IT consultancy giant's systems with ransomware. We understand this swiped data included workers' names, addresses, contact and social security numbers, dates of birth, employment benefits, and passport and …
Seems common in the US of A$$, if data stolen, to offer a couple of years of so called "protection" with another dodgy company and they get off with a minor slap wrist. Hope the employees do a class action lawsuit, companies need to be punished, to fulfil their security obligations. UK/EU DPA/GDPR may not be perfect but offers more protection and our watchdog is finally starting to wake up and punish companies. Just waiting for the first %% of global turnover fine !!
In the United States you can freeze your credit for free. This is a service which requires you to provide a PIN code before you can take out any credit. Instead of offering Experian credit monitoring for two years -- the hackers just need to wait 2 years for the heat to die off -- is to help the employees freeze their credit. You need to do this free service with Equifax, Experian, and TransUnion.
"does not believe the lifted records have been used for fraud"
It has not been used for fraud yet. Once the data is out there, the chance of it not being used for fraud eventually is essentially zero. Saying you haven't noticed it happening yet is an utterly worthless statement that only suggests you're hoping everyone has forgotten about this specific leak by the time the fraud actually happens so you don't need to worry about being held responsible for it.
It would be interesting to know how this happened - I expect that it was just an email slipping through the virus checks. Releasing the "how it happened" information would help other people prevent this from happening to them - every day I see emails arrive with interesting attachments:
P.O 567934.zip (P.O 567934.exe) , 0072635_20200713_pdf.ace, PON991197.doc, Payment details.zip (Payment details.exe), Invoice_376102_INC.xlsm, English_Court OrderCASE#036886890678.iso, etc.
Posting as AC for obvious reasons. I've been a reg reader for years and was proud to have the opportunity to both give the reg an exclusive (this was not confirmed publicly prior to this article) and give a giant middle finger to Collabera who f$%&ed me over with this (in addition to the legal action I am pursuing).
I was pissed but not surprised, terrible company through and through.
Anyway, if you got tips, give em to the reg! They got this article cranked out less than 12 hours after I sent them the memo! Thanks Shaun!
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
