Elevate Services, Inc. suffered a data breach after the company experienced a ransomware attack that leaked confidential information belonging to certain consumers.
The incident resulted in an unauthorized party gaining access to consumers’ names, birthdates, Social Security numbers, addresses, claims information, medical history and compensation amounts.
Elevate secured its system, notified law enforcement and launched an investigation and sent out data breach notification letters to all individuals.
Source: https://www.jdsupra.com/legalnews/elevate-services-inc-confirms-recent-3700290/
TPRM report: https://scoringcyber.rankiteo.com/company/elevate-services
"id": "ele231311123",
"linkid": "elevate-services",
"type": "Breach",
"date": "12/2022",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'name': 'Elevate Services, Inc.', 'type': 'Company'}],
'attack_vector': 'Ransomware',
'customer_advisories': 'Sent out data breach notification letters to all '
'individuals',
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['names',
'birthdates',
'Social Security numbers',
'addresses',
'claims information',
'medical history',
'compensation amounts']},
'description': 'Elevate Services, Inc. suffered a data breach after the '
'company experienced a ransomware attack that leaked '
'confidential information belonging to certain consumers.',
'impact': {'data_compromised': True, 'identity_theft_risk': True},
'investigation_status': 'Ongoing',
'ransomware': {'data_exfiltration': True},
'response': {'communication_strategy': 'Sent out data breach notification '
'letters to all individuals',
'containment_measures': 'Secured its system',
'incident_response_plan_activated': True,
'law_enforcement_notified': True},
'threat_actor': 'Unauthorized Party',
'title': 'Elevate Services Data Breach',
'type': 'Data Breach'}