Home Morley Companies’ data breach details…

Morley Companies’ data breach details…

Feb 14 — In early August, a ransomware attack on Morley Companies disrupted the firm’s operations, rendering certain data temporarily unavailable. New information pertaining to the attack has recently emerged, leading to an announcement from Michigan’s attorney general, and a law suit.

The law suit contends that the personal information (social security numbers…etc) of more than half a million people may have been compromised, and that Morley Companies did not take adequate measures to protect the data. Moreover, the company is accused of storing personal information in a “reckless and negligent” manner, and of having failed to properly monitor systems.

Further, the lawsuit alleges that Morley did not provide timely notification to those who may have been affected by the breach.

Impact on consumers

Information from Morley has hit the dark web, and that info includes names, social security numbers and medical information.

Dana Nessel, Michigan’s attorney general warned potentially impacted individuals to treat any incoming messages requesting banking information as suspicious. Any requests for confirmation of personal information should be reported as fraudulent.

Morley’s response

At present, Morley cannot comment on the pending litigation, as the company has not yet formally received certain legal filings.

In the short term, the company has provided access to credit monitoring and identity theft protection services to individuals whose social security numbers may have been stolen in the attack. “The privacy and protection of personal and protected health information is a top priority for Morley, which deeply regrets any inconvenience or concern this incident may cause you,” wrote the company in a statement.

Preventing data breaches

In today’s digital ecosystem, data breaches have become all-too-common. Ensure that your organization takes proper precautions in preventing a breach. Here are five ways to avoid being hacked:

  1.  Deploy anti-phishing technologies across your organization’s devices.
  2.  Update and patch systems in an efficient and timely manner.
  3.  Require that employees implement multi-factor authentication across platforms.
  4. Consider using a password manager or a password safe.
  5.  Implement network firewalls that can monitor and control incoming and outgoing traffic.

For more information about how to protect your cyber ecosystem from data breaches, click here.