Tech Etch, a trusted provider of critical components specializing in manufacturing precision-engineered thin metal components, flexible printed circuits, and EMI/RFI shielding, announced today that it will begin notifying current and former employees whose information may have been involved in a data security breach incident that occurred in August. Although Tech Etch has implemented many safeguards to protect the confidentiality of its current and former employees’ health information, it believes that some employee information could have been taken during the ransomware attack.
On August 25, 2021, Tech Etch learned that it had fallen victim to a ransomware attack against its computer network that started on August 20, 2021. Upon discovering the unauthorized third-party activity on its computer systems, including unauthorized encryption of some of its files, the company immediately engaged an external forensic cybersecurity team and legal counsel to help secure the network and investigate the extent of the breach. Tech Etch also took steps to prevent further unauthorized access and to notify law enforcement, the U.S. Department of State, the U.S. Department of Health and Human Services, and the Massachusetts Attorney General’s office.
Also Read: Transforming Workforce Experience with Trusted Access
The company’s thorough data security protocols and back-up procedures enabled it to restore operations and access data from its back-ups without decryption of any of the unauthorized encryption. After ensuring that the company’s business was secure, Tech Etch’s cybersecurity experts did a thorough investigation. They could not identify any direct evidence of data staging or exfiltration based on the available data. While the attackers did not appear to have accessed Tech Etch’s human resources server, and while Tech Etch had its own encryption on the backups for that server that the attackers did try to access, the cybersecurity experts could not determine whether the attackers could have copied any current or former employees’ personal information (name, address, social security number, date of birth, or personal health information) from some e-mail records on different servers.
To date, Tech Etch has not seen that any such information, or indeed anything from the company’s computer systems, has been posted publicly. Nor has the company seen any affirmative evidence that any of its current or former employees’ personal information has been either accessed or misused. Out of an abundance of caution, however, Tech Etch is providing information to individuals whose personal information may have been impacted to provide them with details about this incident and guidance on how they can help protect themselves and their information if they feel it is necessary or appropriate to do so.
The company’s letter to current and former employees includes instructions on how an individual can contact all three of the major credit bureaus to place a fraud alert or security freeze on their account, inquire about any unusual activity, and request a credit report. Tech Etch recommends that individuals also may want to review all bills and account statements they receive over the next several months and report any suspicious activity to the financial institution of the account at issue.
The company also recommends that current and former employees review the explanation of benefits statements that they receive from their health insurer. If these statements list any service that an individual believes he or she did not receive, Tech Etch recommends that the individual contact their insurer at the number on the statement. If an individual does not receive regular explanation of benefits statements, the company recommends they contact their insurer or health care providers and request a copy of such statements following the provision of services in the individual’s name or using any of the individual’s identification numbers. Individuals may also review their credit reports and check for any unrecognized medical bills. If an individual finds anything suspicious, they should call the credit reporting agency at the phone number on the report.
Protecting the privacy of its customers, employees, partners, and members of its community is important to Tech Etch, and the company sincerely regrets any inconvenience this incident may have caused. To help prevent a similar incident from occurring in the future Tech Etch has enhanced and strengthened its security systems from those that were in place at the time of the incident and plans to continually review these protocols and processes to remain vigilant.
For more such updates follow us on Google News ITsecuritywire News