Information related to Truck Drivers and Rail workers is reported to have been exposed in a ransomware attack that took place on a healthcare services provider of Virginia. And the leaked sensitive details include full names, social security numbers, medical record information, drug and alcohol test reports and scanned copies of driving licenses.
The healthcare provider that is in question is ‘Taylor Made Diagnostics (TMD)’ based in Chesapeake, Virginia, and the leaked data belongs to employees of United Parcel Service (UPS) and Norfolk Southern Railroad.
TMD admitted that the leaked records could have been the ones that were accessed by hackers in a ransomware attack that took place in December 2020.
And according to the website clientele information- US Military, US Secret Service, the naval agency, navy’s special warfare development group, BAE Systems, Old Dominion University, The Social Security Administration, and the Virginia Department of Military Affairs seek medical diagnosis services from TMD.
Norfolk Southern Railroad that has an employee count of 25,000 people working across 22 states is investigating the incident. And has hired a 3rd party security agency to deeply probe the ransomware attack. While UPS that employees 361,263 people in US and 81k on an international note is silent about the data breach.
Note- CONTI Ransomware follows double extortion tactics mimicking Sodinokibi and NetWalker ransomware. Meaning, they first steal a portion of data and then encrypt a database until a ransom is paid. If the victim denies paying the ransom, then the cyber crooks’ gang threaten to leak the data or sell it for a hefty pay on the dark web. However, this earnings scheme clicks only if the stolen data has immense value- like card data, bank account info, passport numbers, driving licenses and contact details.