Artech L.L.C.

US IT staffing company Artech Information Systems was hit by the REvil ransomware attack that resulted in a data security breach.

The attackers gained administrative access to a domain controller and stole the personal data from servers including name, Social Security number, medical information, financial information, payment card information, id proofs and other information of its customers.

The attack forced the company to shut down the systems to prevent the further spread and restore them with extra security patch.

Source: https://www.bleepingcomputer.com/news/security/us-staffing-firm-artech-discloses-ransomware-attack-data-breach/

TPRM report: https://scoringcyber.rankiteo.com/company/artechllc

"id": "art10216422",
"linkid": "artechllc",
"type": "Ransomware",
"date": "01/2020",
"severity": "80",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'industry': 'IT Staffing',
                        'location': 'United States',
                        'name': 'Artech Information Systems',
                        'type': 'Company'}],
 'attack_vector': 'Administrative access to domain controller',
 'data_breach': {'data_exfiltration': True,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['name',
                                              'Social Security number',
                                              'medical information',
                                              'financial information',
                                              'payment card information',
                                              'id proofs']},
 'description': 'US IT staffing company Artech Information Systems was hit by '
                'the REvil ransomware attack that resulted in a data security '
                'breach. The attackers gained administrative access to a '
                'domain controller and stole the personal data from servers '
                'including name, Social Security number, medical information, '
                'financial information, payment card information, id proofs '
                'and other information of its customers. The attack forced the '
                'company to shut down the systems to prevent the further '
                'spread and restore them with extra security patch.',
 'impact': {'data_compromised': ['name',
                                 'Social Security number',
                                 'medical information',
                                 'financial information',
                                 'payment card information',
                                 'id proofs'],
            'downtime': 'Systems were shut down',
            'systems_affected': 'domain controller, servers'},
 'initial_access_broker': {'entry_point': 'Administrative access to domain '
                                          'controller'},
 'motivation': 'Data theft and ransom',
 'ransomware': {'data_exfiltration': True, 'ransomware_strain': 'REvil'},
 'response': {'containment_measures': 'Systems were shut down',
              'remediation_measures': 'Restoration with extra security patch'},
 'threat_actor': 'REvil',
 'title': 'REvil Ransomware Attack on Artech Information Systems',
 'type': 'Ransomware'}