Business services company Morley revealed that it was a subjected to a ransomware attack that may have resulted in the information of more than 500,000 individuals getting stolen.
In letters sent to impacted individuals, Morley, which serves Fortune 500 and Global 500 companies across various industries, said the incident was discovered in August 2021, when it noticed that some files became inaccessible due to a ransomware infection, according to a report in SecurityWeek.
An investigation revealed that the attackers may have gained access to client and employee data, including personal and protected health information, the report said. Potentially stolen information includes name, social security number, date of birth, client identification number, health insurance information, and medical diagnostic and treatment information.
The company told the Maine Attorney General that more than 521,000 individuals are impacted. The Attorney General’s office was also informed that the breach occurred in July 2021.
While Morley says there is no evidence that the exposed information has been misused, potentially affected people are being notified and those whose SSNs have been exposed are being offered 24 months of free credit and identity monitoring services via IDX.