Liberty Resources Announces July 2024 Data Breach
Liberty Resources, a Syracuse, NY-based human services agency, has announced a security incident that was first identified 16 months ago, on July 22, 2024. Liberty Resources said an immediate and thorough investigation was conducted, and that the investigation into the incident is still ongoing. It is unclear why the investigation has taken so long.
According to its website data breach notice, the specific information compromised in the incident has yet to be confirmed. Employees and patients have been warned that the impacted data likely includes names, addresses, dates of birth, Social Security numbers, medical information, and health insurance information. Since the investigation has not yet concluded, it is unclear how many individuals have been affected.
While no evidence has been found to indicate any misuse of the affected information, employees and clients have been advised to remain vigilant against identity theft and fraud. While not stated by Liberty Resources, this appears to have been a cyberattack by the Rhysida threat group, which added Liberty Resources to its data leak site and threatened to sell the 665 GB of data allegedly stolen in the attack. Rhysida claims on its data leak site that the data that has not been sold has been published. The group claims the leaked data includes 885,433 files, and if the claim is true, that may go some way to explaining why the investigation and data review have taken so l
Source: https://www.hipaajournal.com/liberty-resources-data-breach-2024/
Liberty Resources cybersecurity rating report: https://www.rankiteo.com/company/liberty-resources
"id": "LIB1764778067",
"linkid": "liberty-resources",
"type": "Ransomware",
"date": "7/2024",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'incident': {'affected_entities': [{'customers_affected': None,
'industry': 'Healthcare',
'location': 'Syracuse, NY',
'name': 'Liberty Resources',
'size': None,
'type': 'Human Services Agency'}],
'customer_advisories': 'Employees and clients warned about '
'potential identity theft and fraud risks',
'data_breach': {'data_encryption': None,
'data_exfiltration': '665 GB (claimed by '
'Rhysida)',
'file_types_exposed': None,
'number_of_records_exposed': None,
'personally_identifiable_information': 'Names, '
'addresses, '
'dates of '
'birth, '
'Social '
'Security '
'numbers',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Personally '
'Identifiable '
'Information',
'Medical '
'Information',
'Health Insurance '
'Information']},
'date_detected': '2024-07-22',
'date_publicly_disclosed': '2024-07-22',
'description': 'Liberty Resources, a Syracuse, NY-based human '
'services agency, announced a security incident '
'that was first identified on July 22, 2024. The '
'investigation is ongoing, and the specific '
'information compromised has yet to be confirmed. '
'The incident likely involves the exposure of '
'sensitive data, including names, addresses, '
'dates of birth, Social Security numbers, medical '
'information, and health insurance information. '
'The Rhysida threat group claimed responsibility '
'and threatened to sell 665 GB of allegedly '
'stolen data, which includes 885,433 files.',
'impact': {'brand_reputation_impact': None,
'conversion_rate_impact': None,
'customer_complaints': None,
'data_compromised': 'Names, addresses, dates of '
'birth, Social Security numbers, '
'medical information, health '
'insurance information',
'downtime': None,
'financial_loss': None,
'identity_theft_risk': 'High',
'legal_liabilities': None,
'operational_impact': None,
'payment_information_risk': None,
'revenue_loss': None,
'systems_affected': None},
'initial_access_broker': {'backdoors_established': None,
'data_sold_on_dark_web': 'Threatened '
'by Rhysida',
'entry_point': None,
'high_value_targets': None,
'reconnaissance_period': None},
'investigation_status': 'Ongoing',
'motivation': 'Financial Gain',
'post_incident_analysis': {'corrective_actions': None,
'root_causes': None},
'ransomware': {'data_encryption': None,
'data_exfiltration': 'Yes',
'ransom_demanded': None,
'ransom_paid': None,
'ransomware_strain': None},
'recommendations': 'Remain vigilant against identity theft and '
'fraud',
'references': [{'date_accessed': '2024-07-22',
'source': 'Liberty Resources Data Breach Notice',
'url': None}],
'regulatory_compliance': {'fines_imposed': None,
'legal_actions': None,
'regulations_violated': None,
'regulatory_notifications': None},
'response': {'adaptive_behavioral_waf': None,
'communication_strategy': 'Data breach notice on '
'website, advisories to '
'employees and patients',
'containment_measures': None,
'enhanced_monitoring': None,
'incident_response_plan_activated': 'Yes',
'law_enforcement_notified': None,
'network_segmentation': None,
'on_demand_scrubbing_services': None,
'recovery_measures': None,
'remediation_measures': None,
'third_party_assistance': None},
'stakeholder_advisories': 'Employees and patients advised to '
'remain vigilant against identity '
'theft and fraud',
'threat_actor': 'Rhysida',
'title': 'Liberty Resources Data Breach',
'type': 'Data Breach'}}