On April 10, 2024, a BlackSuit ransomware assault disclosed 954,177 personally identifiable information, forcing Young Consulting to send out data breach notifications.
Young Consulting (formerly Connexure) is an Atlanta-based software solutions provider that specialises in the employer stop-loss marketplace. It helps insurance carriers, brokers, and third-party administrators manage, market, underwrite, and administer stop-loss insurance policies.
Earlier this week, the company began notifying nearly a million individuals about a data breach. Among them are Blue Shield of California subscribers whose data was stolen during a ransomware campaign carried out by BlackSuit earlier this year.
The network intrusion occurred on April 10, but the company only noticed it three days later when the perpetrators triggered the encryption of its systems. The subsequent investigation was completed on June 28, finding that the following information had been hacked: full names, Social Security numbers (SSNs), dates of birth, and insurance claim details.
Those affected will receive free access to Cyberscout's 12-month complimentary credit monitoring service, which they can claim until the end of November 2024.
According to security experts, potentially affected individuals should take full advantage of this offer immediately, as BlackSuit has already disclosed the stolen information on its darknet-based extortion portal.
Users should also keep an eye out for unknown communications, phishing messages, fraud efforts, and requests for more information. The attackers claimed responsibility for the attack on Young Consulting on May 7. They followed through on their threats to publish the stolen data a few weeks later, most likely after failing to extort the software company.
BlackSuit claimed to have leaked far more than what Young Consulting disclosed in notices to affected individuals, including business contracts, contacts, presentations, employee passports, contracts, contacts, family details, medical examinations, financial audits, reports, and payments, as well as various content from personal folders and network shares.
BlackSuit's operations this year have resulted in enormous financial losses for American businesses, the most notable being the CDK Global outage. Earlier this month, CISA and the FBI claimed that BlackSuit is an updated version of Royal ransomware that has demanded over $500 million in ransom over the last two years.
