Canadian MSP Pivot Technology Solutions Disclose Ransomware Attack And Data Breach

Canadian Managed Service Provider Pivot Technology Solutions has recently disclosed a cyberattack on its IT infrastructure. As revealed, Pivot Technology suffered a data breach following a ransomware attack. The incident might have affected the personal information of customers.

Pivot Technology Ransomware Attack

Reportedly, Canadian MSP Pivot Technology has disclosed that it suffered a data breach after a ransomware attack.

In earlier July 2020, Pivot Technology Solutions publicly disclosed the news of ransomware attack on its systems. According to the press release, an authorized entity attempted to encrypt Pivot Technology’s infrastructure and steal data. However, the company immediately responded to the incident thereby failing the malicious attempt.

At that time, the company simply followed an incident disclosure without revealing many details. Nonetheless, recently, in a letter from the firm’s CEO to its customers, the firm revealed a data breach as well.

It turns out that the attack hit the MSP on June 12, 2020. Following the incident, on July 1, 2020, the company’s investigations revealed that the attackers extracted some data during the incident. The stolen data potentially includes some personal information of US employees and consultants.

Whereas, regarding the exact type of extracted details, the letter states,

The Companies determined that the following personal information of employees and consultants may have been compromised in the Incident: names, addresses, dates of birth, gender, student status, disability status, type of insurance coverage, payroll information (including information with respect to deductions, 401k, income withholdings, and benefits), banking information (including routing and account numbers), social security numbers and dependent information.

However, neither the letter nor the company has specified an exact number of individuals affected during the incident.

What Next?

Following the incident, the firm engaged cyber forensic firms to investigate the matter and audit the incident remediation measures.

Moreover, they also boosted their security states to prevent such incidents from happening in the future.

However, for the victims of the incident, the company is also offering complimentary ID theft and credit monitoring solutions.

Let us know your thoughts in the comments.

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil