Infosys McCamish Systems experienced a data breach resulting from a LockBit ransomware attack, impacting over 6 million individuals. The breach saw unauthorized access to a substantial amount of sensitive personal data, including names, Social Security numbers, medical information, financial account information, and passport numbers. The incident led to the non-availability of certain applications and systems, and subsequent restoration and security measures resulted in at least $30 million in losses for the company. Additional costs are anticipated due to potential indemnities or damage claims.
Source: https://securityaffairs.com/165015/data-breach/infosys-mccamish-systems-data-breach-lockbit.html
TPRM report: https://scoringcyber.rankiteo.com/company/mccamish-systems-an-infosys-company
"id": "mcc449070624",
"linkid": "mccamish-systems-an-infosys-company",
"type": "Ransomware",
"date": "6/2024",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 'over 6 million individuals',
'industry': 'Technology',
'name': 'Infosys McCamish Systems',
'type': 'Company'}],
'attack_vector': 'Ransomware',
'data_breach': {'number_of_records_exposed': 'over 6 million',
'personally_identifiable_information': ['names',
'Social Security '
'numbers',
'passport numbers'],
'sensitivity_of_data': 'high',
'type_of_data_compromised': ['names',
'Social Security numbers',
'medical information',
'financial account information',
'passport numbers']},
'description': 'Infosys McCamish Systems experienced a data breach resulting '
'from a LockBit ransomware attack, impacting over 6 million '
'individuals. The breach saw unauthorized access to a '
'substantial amount of sensitive personal data, including '
'names, Social Security numbers, medical information, '
'financial account information, and passport numbers. The '
'incident led to the non-availability of certain applications '
'and systems, and subsequent restoration and security measures '
'resulted in at least $30 million in losses for the company. '
'Additional costs are anticipated due to potential indemnities '
'or damage claims.',
'impact': {'data_compromised': ['names',
'Social Security numbers',
'medical information',
'financial account information',
'passport numbers'],
'financial_loss': '$30 million',
'legal_liabilities': 'potential indemnities or damage claims',
'systems_affected': 'certain applications and systems'},
'ransomware': {'ransomware_strain': 'LockBit'},
'threat_actor': 'LockBit',
'title': 'Infosys McCamish Systems Data Breach',
'type': 'Data Breach'}