Industry News

US Staffing Firm Artech Keeps Silent About Data Breach, Leaves Customers at Risk of Fraud for Eight Months

Artech Information Systems, a minority- and women-owned diversity supplier and one of the largest IT staffing companies in the U.S., has disclosed a data breach exposing personal, financial, and health information of some of its clients. Notably, the attack occurred in January, eight months ago.

Artech disclosed the breach in a letter to affected parties, noting that its IT people noticed suspicious activity related to an employee’s user account in early January. Three days later, the firm’s systems had gotten infected with the REvil ransomware strain, but not before the hackers copied personal, health, and financial information of multiple individuals stored on the compromised systems.

“The investigation determined that at the time of the incident the involved files may have contained information including name, Social Security number, medical information, health insurance information, financial information, payment card information, driver’s license/state identification number, government-issued identification number, passport number, visa number, electronic/digital signature, username and password information,” Artech says in a letter to affected customers.

BleepingComputer reportedly became aware of the breach on January 11, when the REvil gang advertised 337MB of the stolen data on a website used to shame victims and coerce them into paying a ransom. Artech allegedly ignored the publication’s emails and only recently acknowledged the hack, leaving affected customers vulnerable to fraud and phishing attacks.

Artech urges affected clients to monitor their bank statements for suspicious activity and be on the lookout for fraud and identity theft. The firm is offering free credit monitoring and identity protection to all affected customers.

As noted by Databreaches.net, Artech first sent out breach notifications at the beginning of September, despite completing its investigation at the end of June. From early January to early September, Artech knowingly left customers at risk of fraud and ID theft.

About the author

Filip TRUTA

Filip is an experienced writer with over a decade of practice in the technology realm. He has covered a wide range of topics in such industries as gaming, software, hardware and cyber-security, and has worked in various B2B and B2C marketing roles. Filip currently serves as Information Security Analyst with Bitdefender.

Add Comment

Click here to post a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.