The Florida-based GEO Group has revealed that it was recently attacked by ransomware, which may have been sensitively and confidentially stolen data. GEO Group is a company that invests in private prisons and mental health facilities in North America, Australia, South Africa and United Kingdom. It currently manages more than 120 prisons, rehabilitation facilities, data centers and corporate offices. At USA, also manages some of the controversial ICE detention centers.
As soon as it discovered the breach, the GEO Group immediately cut off all connections between the breached companies servers and facilities, data centers and corporate offices. However, an investigation has revealed that intruders may have gained access to personal and protected health information.
Among the information reported are: names, addresses, dates of birth, social security numbers, driving license numbers, employee ID numbers, medical records, and other health-related information. GEO Group stated that it did not know of any fraud or misuse of the exposed information so far.
In addition, the company began shipping alerts to current and former employees, and has also informed the Hellenic Capital Market Commission (SEC) via an 8-K form. GEO Group reported that the incident affected part of its technology systems and a limited amount of data, including personally identifiable information and protected health information.
The company also stressed that it had recovered its critical operating data and the incident did not have a significant impact on its business activities or its ability to perform services required under its contracts with its government clients to care for those who have taken over the facilities and programs her.
Therefore, GEO GROUP does not believe that the incident will have a material impact on its business, operational and financial operations. The company carries insurance, including cyber security, which corresponds to the size and nature of its operation.