LANSING, Mich. — The state of Michigan is alerting residents to a data breach that might have impacted more than four million individuals.
The Michigan Department of Attorney General forwarded a warning from the U.S. Department of Health and Human Services (HHS) saying Fortra, a cybersecurity company, was targeted in a cyberattack.
We’re told the breach affected 130 companies. Many of them are in the healthcare business.
The state says Procter & Gamble, Hitachi Energy, NationBenefits, Saks Fifth Avenue are among those impacted.
“Companies that handle our personal data have a responsibility to implement safety measures that can withstand cyberattacks,” says Attorney General Dana Nessel. “A breach like this one threatens to expose some of our most personal information – our health information. Heeding the advice my office has provided will help keep your personal data safe and secure.”
The first attacks took place in late January, according to the state. Fortra reportedly put out an alert on Feb. 1 before releasing a security patch on Feb. 7.
Clop, a ransomware group with ties to Russia, claimed responsibility for attacking GoAnyWhere MFT, according to the state.
Nessel urges consumers to take all necessary precautions to defend their sensitive information, namely:
- Keep all unusual mail or emails (e.g. statements from lenders unfamiliar to you, bills, tax notices from the IRS).
- Secure all bank and credit card accounts by updating passwords and PINs.
- Submit a fraud alert to notify lenders of potential identity theft.
- Monitor accounts and credit reports; be wary of unusual activity.
- Put a freeze on your credit file.
Visit the Attorney General’s webpage for more on what to do if you are a victim of a data breach.
Organizations are instructed to examine the issue and offer employees the tools needed to protect against future attacks.