Monday, January 25, 19:56
Home security Artech: The IT staffing company suffered data breach due to ransomware attack

Artech: The IT staffing company suffered data breach due to ransomware attack

Artech Information Systems, one of the largest IT staffing companies USA, revealed that it suffered a data breach, which was caused by a ransomware attack that affected some of the systems at the beginning of the year. It is a private company with estimated annual return $ 810.000.000 in 2019 and about 11.000 employees and consultants in 40 US states, Canada, China and India.


Artech provides personnel and workforce solutions, program management and government services, with its customer list comprising more than 80 customers listed in F, as well as U.S. federal entities.
The company discovered the ransomware attack after it found ransomware on some of its systems, having noticed reports of unusual activity related to one of its employees' accounts.

A data breach notification letter to the affected individuals states that on the same day Artech hired a leading forensic firm to assess the safety of its systems and confirm the nature and extent of the security incident. In mid-January, the investigation found that someone had acquired unauthorized access in Artech systems, in space between 5 January 2020 and 8 January 2020.

data breach

The BleepingComputer learned about the attack on Artech servers on 11 January 2020, when his gang Revil / Sodinokibi ransomware leaked 337MB of files it allegedly stole from the company's servers, noting that this is only a small part of what it stole. In addition, Revil operators threatened that if the company did not take the necessary steps, they would sell the rest. data gathered. The data include commercial, financial and personal information.

A e-mail notified to BleepingComputer by an Artech employee states that the company had to shut down all its systems, but was able to restore critical services and servers from the backup data.

ransomware ransom attack

REvil is a ransomware-as-a-service (RaaS) company that infringes on corporate networks through exposed remote desktop services, as well as service provider managers, using exploits and spam emails. Once they gain access to a victim's network, REvil operators steal sensitive and confidential data for later use as a "weapon" to persuade their victims to pay a ransom to prevent the stolen information from being leaked. In addition, once they gain administrator access to a controller domain and steal data from servers and workstations, REvil operators develop ransomware payloads on all computers on the compromised network.

Artech has discovered the personal, health and financial information of many individuals stored on compromised systems. Round on 25 June 2020 that the company completed the investigation into the alleged attack, was able to identify the individuals whose information was exposed to the data breach. This information is estimated to include the following: names, social security numbers, medical information, health insurance information, financial information, credit card details, driver's license numbers / ID numbers, passport numbers, visa numbers, digital signatures, usernames and passwords. However, it is worth noting that the combination of exposure information differs for each affected individual.

REvil / Sodinokibi ransomware

After the discovery of the attack, Artech changed them credentials to secure its systems, and also began working with external security experts to improve its existing security procedures and protocols.

Finally, Artech advises affected data breach alerted individuals to monitor their suspicious account statements and to be constantly vigilant for fraud or identity theft attempts. Their company also provides free card tracking and identity protection services through it Kroll.


Please enter your comment!
Please enter your name here

Every accomplishment starts with the decision to try.


iPhone: How to see which apps have access to your contacts

Some iPhone privacy issues go deeper than accessing your contacts list, which exposes your contacts to ...

COVID-19: Google makes vaccination clinics available

Google CEO Sundar Pichai said Monday that the company will make its facilities available to become clinics ...

Netflix offers "studio quality" audio upgrade on Android

Do not be surprised if Netflix sounds better the next time you run a marathon with rows on your Android phone ...

Will Bitcoin return to $ 40.000? There is concern!

Bitcoin lovers who take his return above the level of $ 40.000 for granted have been worried because the demand ...

Avaddon ransomware: Its operators threaten with DDoS attacks to get ransom!

Lately, more and more ransomware gangs tend to threaten their targets with DDoS attacks in order to secure profits ....

Volunteer firefighters will be trained through VR simulation

Volunteer firefighters in the Australian state of Victoria will soon have access to the virtual reality (VR) training that will be available in ...

Tesla: Accuses its former employee of stealing her confidential data!

On January 23, Tesla sued former employee Alex Khatilov for stealing 26.000 confidential documents, including trade secrets. The software ...

SpaceX launched 143 satellites simultaneously

SpaceX broke every record with its last spacecraft mission into orbit. The company successfully launched the Transporter-1 mission ...

Sony may resurrect the Xperia Compact to compete with Apple

Have you seen the iPhone 12 mini and wish there was an Android equivalent to this small but powerful smartphone? Can the desire ...

Artificial intelligence (AI) may one day be used against us

AI algorithms offer us the news we read, the ads we see, and in some cases even drive cars ...