In a world where data breaches are becoming all too common, the latest victim is Young Consulting, a company recently rebranded as Connexure. Based in Atlanta, this software solutions provider plays a pivotal role in the employer stop-loss insurance marketplace, offering services to insurance carriers, brokers, and third-party administrators. But now, the firm is making headlines for a much less favorable reason.
On April 10, 2024, Young Consulting found itself in the crosshairs of a devastating ransomware attack orchestrated by the notorious BlackSuit group. The breach went unnoticed for three days until the attackers triggered an encryption sequence that brought the company’s operations to a halt. It wasn’t until June 28, after a thorough investigation, that the full extent of the damage was revealed: the personal information of 954,177 individuals had been compromised.
The stolen data includes full names, Social Security numbers, dates of birth, and sensitive insurance claim information. Among those affected are members of the Blue Shield of California, highlighting the far-reaching impact of this breach.
Yesterday, Connexure began sending out data breach notifications to the nearly one million affected individuals. The company is offering a 12-month complimentary credit monitoring service through Cyberscout, which must be claimed by November 2024. But given the gravity of the situation, those impacted would be wise to act quickly.
The Grim Aftermath: BlackSuit Leaks Stolen Data
The story doesn’t end there. BlackSuit, infamous for its ruthlessness, has already leaked the stolen data on its dark web extortion portal. This data dump is far more extensive than what Connexure has disclosed, reportedly including business contracts, employee passports, financial audits, medical examinations, and even personal details from network shares.
The hackers first claimed responsibility for the attack on May 7, following through on their threats to expose the stolen information after failing to extort the company. As a result, those impacted are now at heightened risk of identity theft, phishing attacks, and various other forms of fraud.
A Broader Threat: BlackSuit’s Reign of Terror
The attack on Connexure is just the latest in a series of devastating strikes by BlackSuit. This group, believed to be a rebrand of the infamous Royal ransomware, has been wreaking havoc across the United States, with the most significant incident being the CDK Global outage earlier this year. According to recent reports from CISA and the FBI, BlackSuit has made over $500 million in ransom demands in the last two years alone.
Conclusion
As this story continues to unfold, it serves as a stark reminder of the relentless threat posed by cybercriminals. For those affected by the Connexure breach, the time to act is now—before the consequences become even more severe.