Posted On February 18, 2023 Consumer Privacy & Data Breaches
February 18, 2023 – MKS Instruments, Inc. filed a data breach notice with the Montana Attorney General on February 16, 2023 after learning of a ransomware attack on the company’s computer network. According to the filing, an unauthorized party gained access to sensitive consumer information like first and last names, Social Security numbers, dates of birth, employment history, and financial account information. Once the data leak was confirmed, MKS Instruments sent notification letters to all individuals affected by the security breach.
The data breach lawyers at Console & Associates, P.C. are actively investigating the MKS Instruments data breach. If you are one of the victims of the data breach, we are offering free consultations to explain how you can protect yourself, what your legal options are, and whether you can pursue a data breach lawsuit to hold MKS Instruments financially liable for any damages caused by the breach.
MKS Instruments, Inc. is a manufacturing company that manufactures and sells instruments and subsystems, and provides processing control solutions and specialty chemicals technology. Originally founded in 1961 and based in Andover, Massachusetts, MKS Instruments now employs over 6,000 people, generates approximately $3 billion in revenue annually, and is publicly traded under “MKSI.”
According to its filing with the Attorney General of Montana, MKS Instruments discovered a ransomware attack on the company’s computer system on December 29, 2022. The company started investigating the incident to determine if confidential information had been compromised during the attack.
MKS Instruments confirmed a ransomware attack and that hackers had gained access to confidential information. Upon learning this, MKS reviewed all affected files to determine what information had been compromised. The company discovered that the types of information compromised included names, Social Security numbers, dates of birth, addresses, contact information, health insurance information, medical conditions, sexual orientation, gender, race, religious beliefs, nationality, work credentials, veteran status, marital status, financial information such as bank account information and payment card information, employment information like job and hours worked, union information, and familial information.
On February 16, 2023, MKS Instruments sent notification letters informing all affected individuals of the attack and that their information had been compromised.
A ransomware attack is a type of cyberattack in which hackers install malicious software, or malware, on a company’s computer network. This software encrypts the data and bars the company from accessing its own information. Encryption encodes the files on the system so that only those who have the means to decode them can access them.
It is called ransomware because the hackers leave a message demanding that the company pay a fee, a ransom, to regain access to its files. If the fee is paid, usually the files will be decrypted, and that will be the end of the attack.
However, some hackers add a much more malicious threat to make sure the company pays. A company that has backups of its files has little incentive to pay the fee, so the hackers threaten to release the information onto the dark web if the ransom is not paid. This technique is called “double extortion.”
The consumer privacy lawyers at Console & Associates, P.C. help customers affected by data and security breaches pursue legal solutions by offering free consultations. By explaining your rights in clear, concise terms, we help you make an informed decision about your next steps. If you are a victim of the MKS Instruments, Inc. data breach, Console & Associates, P.C. will investigate at no charge to you and offer advice on how to proceed. If you decide to pursue a case, rest assured that we don’t get paid unless you do. If your claim is successful, legal fees are either paid out of the funds recovered or by the defendant. If your claim is not successful, you pay nothing.
Below is a portion of the notice shared:
We are contacting you because we recently became aware of a security breach that may have resulted in the unauthorized acquisition of certain personal data.
On February 13, 2023 at 9:20 am Pacific Standard Time, we, MKS Instruments, Inc., the U.S. parent company of the MKS and Atotech group of companies which employs or did employ you, became aware that the ransomware event on our systems focused on encrypting our business and manufacturing systems and making them unavailable to us may have also involved exfiltration of personal data. While exfiltration of personal employee data has not been confirmed, we cannot rule it out and thus are providing notice.
WHAT WE ARE DOING
Upon learning of the ransomware event, we took immediate action to activate our incident response and business continuity protocols to contain the incident. We have initiated an ongoing investigation, alongside outside experts, and have reported the issue to U.S. law enforcement. We issued a public statement regarding the incident shortly after we discovered it, and have been in contact with personnel, customers, suppliers and other stakeholders about how we are responding to the incident. The incident affected certain business systems, including production-related systems, and, as part of the containment effort, we elected to temporarily suspend certain operations. We have been restoring our systems as soon as we determined that it was safe to do so, and will continue to do so as quickly and securely as possible until we have returned our systems to normal operations.
WHAT PERSONAL DATA WAS INVOLVED
We do not know of any concrete risks or threats to individual data subjects, but we cannot rule out that personal data may have been exfiltrated. Our understanding is that, in similar prior cases affecting other companies, ransomware actors have appeared to refrain from using personal data against individuals. The types of personal data that may have been involved, where collection of such personal data is permitted by local law, include: Name, contact information, address, government ID numbers (including Social Security Number in the U.S.), work login credentials/passwords, marital status, veteran status, nationality, immigration status, race, religious beliefs (where MKS is required by law to collect), education, employment history, date of birth, gender, sexual orientation, bank account information, payment card information, information about compensation and equity, information about job position and time/hours worked, information about disabilities, health and medical conditions, employer union, health insurance information, basic information regarding your partner, children and emergency contacts (such as name, age, and contact details), if applicable.
WHAT YOU CAN DO
We encourage you to remain vigilant about any suspicious activity involving your personal data. For example, please do not open attachments or click on links in electronic communications from unknown senders, and please do not reveal personal or confidential information to unknown persons over the phone or other channels. If someone you think you recognize is asking you to take steps outside of your normal work functions, we recommend that you verify their identity before proceeding. If you receive any suspicious requests or communications at work, please report them to the IT service desk and wait for further instructions. Please also follow the instructions in our password memo, sent to you separately.