Skender Construction Hit by Ransomware Attack, Exposing Sensitive Data of Over 1,000 Individuals
Chicago-based general contractor Skender Construction disclosed a ransomware attack in an April 5 filing with the Maine Attorney General’s office, affecting 1,067 individuals. The breach, discovered earlier this year, may have exposed sensitive personal information, including names, addresses, dates of birth, Social Security numbers, driver’s license and passport details, direct deposit data, and potentially health records if provided to the company.
Upon detecting the incident, Skender engaged cybersecurity experts to assist its IT team in restoring systems from backups. Due to its preparedness and IT infrastructure investments, the company avoided paying the ransom demanded by the attackers. While the notice did not confirm whether customers were impacted, Skender stated the attackers appeared motivated by financial gain rather than data theft.
As part of its response, Skender is offering one year of identity monitoring services through risk mitigation firm Kroll to affected individuals. The company, which serves high-profile clients like LinkedIn, Google, Salesforce, and major healthcare institutions, has not provided further public comment on the incident.
The attack underscores the growing cybersecurity risks facing construction firms, a sector increasingly targeted by ransomware groups. Earlier this year, Simpson Manufacturing and Builders Mutual Insurance Co. also reported cyber incidents, highlighting vulnerabilities in the industry’s digital infrastructure.
Source: https://www.constructiondive.com/news/skender-ransomware-attack-chicago-maine/712844/
Skender cybersecurity rating report: https://www.rankiteo.com/company/skender
"id": "SKE1770473368",
"linkid": "skender",
"type": "Ransomware",
"date": "4/2024",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': '1067',
'industry': 'Construction',
'location': 'Chicago, USA',
'name': 'Skender Construction',
'type': 'General Contractor'}],
'customer_advisories': 'Offering one year of identity monitoring services '
'through Kroll',
'data_breach': {'number_of_records_exposed': '1067',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Addresses',
'Dates of birth',
'Social Security numbers',
'Driver’s license details',
'Passport details',
'Direct deposit data',
'Health records']},
'date_publicly_disclosed': '2024-04-05',
'description': 'Chicago-based general contractor Skender Construction '
'disclosed a ransomware attack that may have exposed sensitive '
'personal information of over 1,000 individuals, including '
'names, addresses, Social Security numbers, and other personal '
'data.',
'impact': {'data_compromised': 'Sensitive personal information',
'identity_theft_risk': 'High',
'payment_information_risk': 'Potential'},
'investigation_status': 'Ongoing',
'motivation': 'Financial gain',
'ransomware': {'data_encryption': 'Yes',
'ransom_demanded': 'Yes',
'ransom_paid': 'No'},
'references': [{'date_accessed': '2024-04-05',
'source': 'Maine Attorney General’s office filing'}],
'regulatory_compliance': {'regulatory_notifications': 'Maine Attorney '
'General’s office'},
'response': {'communication_strategy': 'Filing with Maine Attorney General’s '
'office',
'containment_measures': 'Restoring systems from backups',
'incident_response_plan_activated': 'Yes',
'recovery_measures': 'Restored systems from backups',
'remediation_measures': 'Engaged Kroll for identity monitoring '
'services',
'third_party_assistance': 'Cybersecurity experts'},
'title': 'Skender Construction Ransomware Attack',
'type': 'Ransomware'}