DMR News

Advancing Digital Conversations

Government Consulting Firm Hacked: 340,000 Social Security Numbers Taken

ByHuey Yee Ong

Apr 11, 2024
Government Consulting Firm Hacked: 340,000 Social Security Numbers Taken

Government Consulting Firm Hacked: 340,000 Social Security Numbers Taken

U.S. consulting firm Greylock McKinnon Associates (GMA) reported a data breach that resulted in the theft of up to 341,650 Social Security numbers. This breach, disclosed on a Friday on Maine’s government website—a platform for posting data breach notifications.

GMA, known for providing economic and litigation support to corporations and U.S. government agencies, including engaging in civil litigation matters for the U.S. Department of Justice (DOJ), fell victim to an unspecified cyberattack in May 2023. Upon discovering the breach, the firm took immediate action to mitigate the incident’s impact. Despite the swift response, the breach’s extent and the sensitive nature of the stolen information have raised alarms.

Affected individuals were informed through mailed notices that their data was compromised due to GMA’s involvement in a civil litigation matter handled by the DOJ. The details of the litigation and the specific reasons for the DOJ’s interest remain undisclosed, as the DOJ has yet to comment on the matter. Notably, GMA assured those affected that the breach and the litigation are unrelated to their personal legal standings or Medicare benefits and coverage.

The compromised data includes not only Social Security numbers but also names, dates of birth, home addresses, some medical information, and health insurance details, specifically Medicare claim numbers.

In response to the breach, GMA engaged third-party cybersecurity specialists to help address the incident and informed both law enforcement and the DOJ. On February 7, 2024, the firm confirmed the identities of the impacted individuals and obtained their contact details for notification purposes.

However, the delay in identifying the affected parties and notifying them—approximately nine months—has raised questions about the breach’s management and the effectiveness of the response protocols in place.

As of now, GMA and its external legal counsel, Linn Freedman of Robinson & Cole LLP, have not provided further comments on the incident.

Related News:

Featured Image courtesy of Markus Winkler on Unsplash

Huey Yee Ong

Hello, from one tech geek to another. Not your beloved TechCrunch writer, but a writer with an avid interest in the fast-paced tech scenes and all the latest tech mojo. I bring with me a unique take towards tech with a honed applied psychology perspective to make tech news digestible. In other words, I deliver tech news that is easy to read.

Leave a Reply

Your email address will not be published. Required fields are marked *