Morley Companies Inc.
Morley officials said when they suffered the ransomware attack, it led to their data becoming unavailable.
After investigating the hack, the company determined attackers stole the personal information of 521,046 individuals, including data for Morley’s employees, contractors, and clients.
“The incident began on August 1, 2021, when Morley’s data became unavailable,” Morley officials said in an advisory. “Upon receipt of this information, Morley immediately took steps to secure its environment and commenced an investigation to determine what happened and to identify the specific information that may have been impacted. In so doing, Morley engaged leading independent cybersecurity experts for assistance. As a result, Morley learned that additional data may have been obtained from its digital environment. Morley thereafter began collecting contact information needed to provide notice to potentially affected individuals, which was completed in early 2022.”
According to Morley, the threat actors may have stolen the following types of data during the attack: Full name, Social Security number, date of birth, client ID number, medical diagnostic and treatment information, and health insurance information.