Posted On November 17, 2022 Consumer Privacy & Data Breaches
On November 16, 2022, Innovative Service Technology Management Services, Inc. (“IST Management”) filed notice of a data breach with the Attorney General of Montana after hackers carried out what appears to have been a successful ransomware attack. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, birth dates, Social Security numbers, driver’s license numbers, passport numbers, financial account information and medical billing information. After confirming that consumer data was leaked, IST Management began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.
If you received a data breach notification, it is essential you understand what is at risk. The data breach lawyers at Console & Associates, P.C. are actively investigating the IST Management data breach on behalf of people whose information was exposed. As a part of this investigation, we are providing free consultations to anyone affected by the breach who is interested in learning more about the risks of identity theft, what they can do to protect themselves, and what their legal options may be to obtain compensation from Innovative Service Technology Management Services, Inc.
The available information regarding the Innovative Service Technology Management Services breach comes from the company’s filing with the Attorney General of Montana. According to this source, IST Management recently learned that it was the victim of a ransomware attack. While the company did not elaborate on how it made this discovery or what led up to the incident, in response, IST Management took the affected systems offline and launched an investigation to determine the scope of the attack as well as what, if any, consumer data was leaked as a result.
The company’s investigation confirmed that an unauthorized party was able to access its computer system on June 3, 2022, shortly before launching the ransomware attack. The investigation also revealed that the files that were accessible to the hackers contained sensitive information belonging to certain individuals.
Upon discovering that sensitive consumer data was made available to an unauthorized party, Innovative Service Technology Management Services began to review the affected files to determine what information was compromised and which consumers were impacted. IST Management completed this process on October 17, 2022. While the breached information varies depending on the individual, it may include your name, birth date, Social Security number, driver’s license number, passport number, financial account information and medical billing information.
On November 16, 2022, Innovative Service Technology Management Services sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
Innovative Service Technology Management Services, Inc. is a business services company based in Atlanta, Georgia. The company provides a range of services to its business clients, including facilities management and litigation support services, as well as virtual administrative support services, document management services, digital forensics and consulting services and more. IST Management also Innovative Service Technology Management Services employs more than 2,500 people and generates approximately $326 million in annual revenue.
In the letter that Innovative Service Technology Management Services sent to those affected by the recent breach, the company explained that the incident stemmed from a ransomware attack. Ransomware attacks are one of the most common ways cybercriminals obtain consumer data. In fact, according to the Identity Theft Resource Center (“ITRC”), the number of ransomware attacks more than doubled between 2020 and 2021, increasing from 158 attacks in 2020 to 321 attacks in 2021.
If 321 attacks does not sound like all that concerning, every ransomware attack can impact the personal information of tens of thousands of people. In fact, the ITRC reports that in 2021 alone, over 41 million people had their information stolen through a ransomware attack. That’s roughly 13 percent of the entire U.S. population.
Ransomware attacks have been around for decades; however, more recently, the number of ransomware attacks has grown disproportionately when compared to other types of cyberattacks. In part, this is due to technological developments that allow cybercriminals to easily target the most valuable data types, such as Social Security numbers, financial account information, and protected health information.
In a ransomware attack, a hacker installs malicious software on a victim’s device. Usually, this is done through a phishing attack or by placing a line of malicious code on the back end of an organization’s website. Once installed on the organization’s device or network, the malicious software encrypts the data, preventing the organization from accessing anything on its system. When someone attempts to log in, they see a message from the hackers demanding a ransom.
More recently, hackers have started taking a more aggressive approach by threatening to publish the stolen data on the dark web if the organization does not pay the demanded ransom. Of course, not every ransomware attack results in consumer data being published on the dark web; however, this isn’t a chance that most organizations (or consumers) are willing to take. Thus, the threat of publishing data adds to an organization’s incentive to pay the ransom—and many organizations end up paying these ransoms. However, the FBI discourages companies from paying ransoms for the same reason the government does not negotiate with terrorists—it emboldens them.
One of the most frustrating aspects of ransomware attacks is that they are often preventable. Most large companies have the resources and ability to develop comprehensive data security systems that deter most hackers from attempting an attack and can thwart the efforts of those hackers that attempt an attack.
At Console & Associates, P.C., our consumer privacy lawyers monitor all security and data breaches to help affected consumers pursue their legal remedies. We offer free consultations to victims of data breaches and can explain your rights in clear, understandable terms so you can make an informed decision about how to proceed with your case. If you’ve been affected by the IST Management data breach or any other data security incident, Console & Associates, P.C., will investigate your case at no charge and offer you thorough advice about how to most effectively proceed with your case. If you decide to bring a case, we only get paid if you do. If your claim is successful, any legal fees are either paid by the defendant or come out of the funds recovered from the defendant. If your claim doesn’t result in a recovery, you will pay nothing.
To schedule your free consultation, just call (866) 778-5500 today or fill out our secure contact form.
Below is a copy of the initial data breach letter issued by Innovative Service Technology Management Services, Inc. (the actual notice sent to consumers can be found here):
Dear [Redacted],
At Innovative Service Technology Management Services, Inc. (“IST”), we take the issue of privacy seriously. As part of that commitment, we are sending you this letter to make you aware of a recent data security incident that affected your personal information. Please read this letter carefully.
What Happened
IST recently was the victim of a ransomware attack that impacted our computer systems. We promptly took our systems offline as a precautionary measure and initiated our incident response protocols to thoroughly investigate the incident, safely restore our systems, and continue our services to clients. We also reported the incident to law enforcement and cooperated with their efforts.
Through our investigation, we discovered that an unauthorized actor gained access to our computer system and may have acquired certain files on June 3, 2022, before launching the ransomware attack. We then completed a detailed review of the potentially compromised files and, through that process, discovered on October 17, 2022, that some of your personal information may have been impacted.
What Information Was Involved
We currently have no knowledge of any actual or attempted misuse of anyone’s information. However, based on our investigation and detailed review process, we have determined that one or more of the potentially compromised files from our computer system contained your personal information including your name and [Redacted]. Therefore, we are notifying you out of an abundance of caution, and we recommend that you carefully review the information herein.
What We Are Doing
We take the protection of information seriously and are continuing to take steps to mitigate the potential for harm and prevent future incidents like this. We completed a global reset of all passwords in our computer systems, implemented enhanced detection and response capabilities on all endpoints in our network, and ensured that all critical applications are up to date. We also notified law enforcement about this incident and will cooperate with any further investigation by them. In addition, we will continue reviewing our policies and procedures to identify any other measures to further strengthen security and help prevent a future incident from occurring.
As an additional safeguard to help protect your identity, we also are offering you complimentary access to Experian IdentityWorksSM for a period of [Redacted] months.
If you believe there was fraudulent use of your information because of this incident and would like to discuss how you may be able to resolve those issues, please contact an Experian agent. If, after discussing your situation with an agent, it is determined that identity restoration support is needed then an Experian Identity Restoration agent is available to work with you to investigate and resolve each incident of fraud that occurred from the date of the incident (including, as appropriate, helping you contact credit grantors to dispute charges and close accounts; assisting you in placing a freeze on your credit file with the three major credit bureaus; and assisting you with contacting government agencies to help restore your identity to its proper condition).
Please note that Identity Restoration is available to you for {Redacted] months from the date of this letter and does not require any action by you at this time. The Terms and Conditions for this offer are located at [Redacted].
While identity restoration assistance is immediately available to you, we also encourage you to activate the fraud detection tools available through your complimentary [Redacted]-month Experian IdentityWorks membership. This product provides you with superior identity detection and resolution of identity theft. To start monitoring your personal information, please follow the steps below:
Ensure that you enroll by February 28, 2023 (Your code will not work after this date.)
Visit the Experian IdentityWorks website to enroll: [Redacted]
Provide your activation code: [Redacted]
If you have questions about the product, need assistance with Identity Restoration that arose because of this incident, or would like an alternative to enrolling in Experian IdentityWorks online, please contact Experian’s customer care team at (855) 797-1889 by February 28, 2023. Be prepared to provide engagement number [Redacted] as proof of eligibility for the Identity Restoration services by Experian.
What You Can Do
We recommend that you remain vigilant by reviewing and monitoring your account statements and credit reports. If you find any errors or unauthorized activity, you should contact your financial institutions that may be affected. You also may file a report with law enforcement, your state attorney general, and/or the Federal Trade Commission. In addition, please refer to the enclosed document titled “Additional Steps to Help Protect Your Information” which contains additional steps you may take to protect your information from misuse, including some information that may be specific to your state of residence.
For More Information
We are very sorry for any concern or inconvenience caused by this incident. If you have any other questions or concerns that you would like to discuss, you may contact us through our dedicated incident response hotline at (855) 797-1889. Be prepared to provide your engagement number: [Redacted]
