A ransomware attack against mining technology organization Gyrodata has potentially leaked the sensitive information of current and former employees.
Based in the US, Gyrodata offers services such as directional drilling and surveying for energy companies.
In a statement released last night (April 22), Gyrodata said it has been the victim of a ransomware attack that led to a possible data breach.
Unauthorized access
An early investigation determined that an unauthorized actor gained access to “certain systems and related data” during multiple visits starting on January 16, 2021, and ending on February 22.
The data potentially obtained includes names, addresses, dates of birth, drivers’ license numbers, social security numbers, passport numbers, W-2 tax forms, and information related to health plan enrolment.
The attack was discovered on February 21, after which Gyrodata said it “immediately took steps to secure its systems” by launching an investigation and employing a cybersecurity company to assist.
Gyrodata also notified federal law enforcement of the incident and “continues to support their investigation”, the release reads.
Victims
So far, the number of potential victims has not been confirmed, though Gyrodata, which is headquartered in Houston, Texas, has multiple offices worldwide in countries including Saudi Arabia, UAE, Ecuador, Malaysia, and Scotland.
The Daily Swig has reached out to Gyrodata for further information on the potential size of the breach.
In the release, Gyrodata said: “Gyrodata takes the security of personal information very seriously, and we wanted to make individuals whose information was potentially involved aware of our findings.”
Potential victims have been notified by letter.
Gyrodata added: “The security of your personal information is important to Gyrodata and we sincerely regret that this incident occurred.
“To help prevent a similar incident from occurring in the future, Gyrodata implemented additional security measures designed to enhance the security of its network, systems, and data.”
Source: https://portswigger.net/daily-swig/mining-technology-company-gyrodata-hit-by-ransomware-attack-employee-data-leaked