[BreachExchange] US Drilling Giant Gyrodata Reveals Employee Data Breach

Destry Winant destry at riskbasedsecurity.com
Mon Apr 26 10:27:08 EDT 2021 

https://www.infosecurity-magazine.com/news/us-drilling-giant-gyrodata/

A major oil drilling specialist has admitted it suffered a ransomware
attack which may have led to the compromise of data belonging to current
and former employees.

Houston-based Gyrodata claims to be one of the world’s leading suppliers of
technology and services designed to extract hydrocarbons from the earth.

However, late last week it published a statement revealing the security
incident, which was discovered on February 21.

There’s no information on whether the ransomware itself caused any
disruption to the firm, but it did admit the potential impact on employees’
personal and financial data.

“Gyrodata's investigation determined that the unauthorized actor gained
access to certain systems and related data within the Gyrodata environment
at various times from approximately January 16, 2021 to February 22, 2021,”
it said.

“The data potentially obtained by the unauthorized actor may have contained
personal information of current and former Gyrodata employees, including
names, addresses, dates of birth, driver’s license numbers, Social Security
numbers, passport numbers, W-2 tax forms, and information related to health
plan enrolment.”

As of last Thursday, the firm has been contacting affected individuals by
post, and has set-up a dedicated call center to deal with the potential
fallout. Gyrodata is estimated to have around 1000 employees worldwide,
including in offices in Scotland and Malaysia.

“Individuals whose personal information may have been involved should
remain vigilant for incidents of fraud or identity theft by reviewing
account statements and free credit reports for any unauthorized activity,”
the statement continued.

“It is recommended that you review any statements that you receive from
your health insurer or healthcare providers. If you see services that you
did not receive, please contact the insurer or provider immediately. As a
precaution, Gyrodata is also offering individuals whose Social Security
number or driver's license number may have been involved complementary
credit monitoring and identity protection services.”
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210426/a0ae249e/attachment.html>

More information about the BreachExchange mailing list