Employee data stolen in EquiLend cyber attack.

Names, birth dates, and SSNs stolen in EquiLend Cyber attacks!

Financial giant EquiLend has confirmed that a recent cyber attack on their systems resulted in stolen employee data.

EquiLend, which confirmed the next day that the disruption was caused by a ransomware attack, was able to restore its client-facing services by February 5, but shared no details on the scope of the attack until now.

EquiLend revealed that personal information such as names, dates of birth, and Social Security numbers, along with EquiLend payroll information, was compromised in the attack.

“At this time, we have no evidence from the investigation that any personal information has been used to commit identity theft or fraud,” the notification letter reads.

However, the company is providing the impacted individuals with complimentary identity theft protection services at no cost.

The ransomware group LockBit ransomware group has claimed responsibility for the attack.

Key takeaways for your business

1. Elevated Cybersecurity Threats: The recent cyberattack on EquiLend underscores the growing cybersecurity risks faced by businesses. Regardless of size or industry, businesses are increasingly targeted by cybercriminals, emphasizing the need for heightened vigilance and proactive security measures.
   

2. Timely Communication is Critical: EquiLend's delay in providing details about the attack highlights the importance of prompt and transparent communication during a cybersecurity incident. Businesses should prioritize timely communication with stakeholders, including customers, employees, and regulators, to mitigate the impact of an attack and maintain trust.
   

3. Protecting Sensitive Data is Essential: The breach resulted in the theft of employee data, including personal and payroll information. This emphasizes the importance of implementing robust data protection measures, such as encryption and access controls, to safeguard sensitive information from cyber threats.
   

4. Vigilance Against Identity Theft and Fraud: While EquiLend stated no evidence of misuse of stolen data, businesses should remain vigilant against the risk of identity theft and fraud. Proactive monitoring and implementing identity theft protection services for affected individuals can help mitigate potential risks.
   

5. Effective Response and Mitigation: EquiLend's response to provide complimentary identity theft protection services demonstrates the importance of having response and mitigation plans in place. Businesses should develop and regularly update incident response plans to effectively address cybersecurity incidents and minimize harm to their business and stakeholders.
   

6. Stay Informed and Collaborate: Businesses should stay informed about emerging cyber threats and collaborate with cybersecurity experts to enhance their defense strategies. Understanding the tactics and techniques used by cybercriminals, such as ransomware groups like LockBit, can help businesses better protect their systems and data.