India-based IT consulting firm Infosys' U.S.-based subsidiary McCamish Systems had data from over 6.078 million individuals compromised following a November ransomware attack claimed by the LockBit ransomware operation that has cost the firm at least $30 million, Security Affairs reports.
Infiltration of McCamish's systems between Oct. 29 and Nov. 2 enabled attackers to exfiltrate the names, biometric details, Social Security numbers, medical information, passport numbers, and financial account data from millions, including the customers of Oceanview Life & Annuity Company, Newport Group, and Union Labor Life Insurance, among others.
Despite the compromise, there has been no evidence suggesting any misuse of the exposed information, said McCamish in a filing with the Office of the Maine Attorney General, which also detailed an offer of two years of free credit monitoring to those whose data had been impacted by the incident. Affected individuals have also been given information on fraud alerts and credit file freezes.
