Social Security Numbers, Passport Data, and More Stolen from 'Thousands' of Meyer Employees After Ransomware Attack

Cyberattacks have become extremely popular over the course of the pandemic with more and more companies falling victim to ransomware attacks. The most recent company to fall victim is Meyer with its employees' critical data stolen.

'Thousands' of Meyer Corporation Compromised in Recent Ransomware Attack

According to the story by TechRadar, Meyer Corporation, a popular American cookware distributor, has just fallen victim to a recent ransomware attack. The extent of the attack, as per the report, says that "thousands" of employees were affected.

The ransomware attack actually took place on October 25 of last year. To add, the cyber attackers used the Conti variant to penetrate the "company's endpoints."

The news reportedly followed an investigation that was done internally that found out that the attackers were able to steal "personally identifiable information" from Meyer employees which led to them being able to steal their identities as well.

Here's What the Cyber Attackers Stole:

  • Health insurance information

  • Ethnicity information

  • Physical addresses

  • Social security numbers

  • Full names

  • Birthdates

  • Gender

  • Health insurance information

  • Employee medical condition data

  • COVID vaccination cards

  • Random drug screening results

  • Passport data

  • Driver's licenses

  • Government ID numbers

  • Immigration status information

  • Permanent resident cards

  • Information on dependents

Although the company did not release any detail as to what ransomware variant was "used in the attack" or even how their network was compromised, an article by BleepingComputer was able to find a Meyer Corporation listing on the "Conti extortion site" which was dated on November 7, 2021.

Contti Ransomware Group and TrickBot Malware Family Join Forces

2% of the whole database was posted on the listing as proof of the authenticity of the whole batch. Due to it already being four months ever since the data was stolen, according to TechRadar, "attackers were either paid for the data, lost interest in publishing it, or are still negotiating a deal with Meyer."

The US Attorney General offices were informed by Meyer Corporation regarding the data breach. In addition, the Conti ransomware group "has become quite active in the recent weeks" which is possibly due to TrickBot malware family members joining forces with them.

Read Also: Prominent Leaker Showed How They Almost Maxed Out 512GB Storage in Just a Week

How Does the Conti Ransomware Family Operate Differently from Other Ransomware Gangs

Ransomware gangs differ from Conti in a sense that the latter uses a "trust-based, team-based" model compared to the gangs which usually work "with random affiliates." Due to this, the group has reportedly gotten better when it comes to "evading law enforcement than many of its peers."

Moving forward, the Conti ransomware group reportedly plans to "use TrickBot's newer product" called the BazarBackdoor malware which is "stealthier and harder to detect." Despite BazarBackdoor previously being used as "a part of TrickBot's larger toolkit," it has actually become a "fully autonomous tool" as per security researchers.

Related Article: Pentagon-Linked Defense Contractors and Subcontractors Targeted by Russian Hackers, US Intelligence Says

This article is owned by Tech Times

Written by Urian B.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion
Real Time Analytics