Claims administration and threat administration firm Sedgwick has confirmed that its federal contractor subsidiary, Sedgwick Authorities Options, was the sufferer of a safety breach.
Sedgwick additionally employs over 33,000 folks and serves 10,000 purchasers throughout 80 nations, together with 59% of the Fortune 500, and its subsidiary serves over 20+ authorities company purchasers.
The checklist of federal companies utilizing Sedgwick Authorities Options’s providers consists of the Cybersecurity and Infrastructure Safety Company (CISA), the Division of Commerce, the USA Citizenship and Immigration Companies (USCIS), the USA Coast Guard, the Division of Homeland Safety (DHS), the U.S. Division of Labor, the Customs and Border Safety (CBP), and the U.S. Coast Guard.
A Sedgwick spokesperson advised BleepingComputer that the corporate is at present investigating a safety breach that impacted its subsidiary, including that the dad or mum firm’s community was not affected.
Sedgwick has additionally notified regulation enforcement and has employed outdoors cybersecurity consultants to research the affect of the breach.
“Sedgwick is addressing a safety incident at one among its subsidiaries, Sedgwick Authorities Options. Following the detection of the incident, we initiated our incident response protocols and engaged exterior cybersecurity consultants by way of outdoors counsel to help with our investigation of the affected remoted file switch system,” the spokesperson mentioned.
“Importantly, Sedgwick Authorities Options is segmented from the remainder of our enterprise, and no wider Sedgwick techniques or information have been affected. Additional, there is no such thing as a proof of entry to claims administration servers nor any affect on Sedgwick Authorities Options skill to proceed serving its purchasers. Now we have notified regulation enforcement and stay in touch with our purchasers as we conduct our investigation.”
Whereas the corporate did not attribute the assault to a selected risk group, the assertion confirms the TridentLocker ransomware group’s claims that they breached the corporate.
The risk actors say they’ve stolen 3.39 GB of paperwork and, since taking duty for the assault, they’ve additionally revealed among the allegedly stolen information on their Tor information leak web site.
​TridentLocker ransomware first surfaced in November and is at present itemizing a dozen victims on its leak website, together with Bpost (Belgian Submit Group), the corporate that delivers mail in Belgium and one of many largest civilian employers within the nation.
Bpost confirmed its community was breached on December third however mentioned its operations weren’t affected by the TridentLocker ransomware assault.
Whether or not you are cleansing up previous keys or setting guardrails for AI-generated code, this information helps your group construct securely from the beginning.
Get the cheat sheet and take the guesswork out of secrets and techniques administration.
