Government Consulting Firm Falls Victim to Massive Social Security Number Breach at Hands of Hackers

U.S. consulting firm Greylock McKinnon Associates disclosed a data breach in which hackers stole as many as 341,650 Social Security numbers. The data breach was disclosed on Friday on Maine’s government website, where the state posts data breach notifications. A spokesperson for the Justice Department did not respond to a request for comment. We received confirmation of which individuals’ information was affected and obtained their contact addresses on February 7, 2024,” the firm wrote. GMA told victims that “your personal and Medicare information was likely affected in this incident,” which includes names, dates of birth, home address, some medical information and health insurance information, and Medicare claim numbers, which included Social Security Numbers.

The US consulting firm Greylock McKinnon Associates recently announced a shocking data breach that compromised a staggering total of 341,650 Social Security numbers.

In a public disclosure on Friday, the company revealed the hack on Maine’s government website, which serves as a platform for data breach notifications from the state.

“Prompt steps were taken to mitigate the incident,” states GMA, addressing the cyberattack that struck in May 2023 but wasn’t publicly disclosed until now.

Notably, GMA mainly provides economic and litigation support to various organizations and government agencies, such as the U.S. Department of Justice, in civil litigation matters. In their official data breach notice, GMA notifies affected individuals that their personal information was obtained by the U.S. DOJ in support of an ongoing civil litigation matter.

The objectives and targeted entities of the DOJ’s civil litigation remain a mystery, as a representative from the Justice Department did not respond to requests for comment.

GMA has stated that those notified of the data breach are not the focus of the investigation or the related litigation, and that the cyberattack has no impact on current Medicare benefits or coverage.

“We worked closely with third-party cybersecurity professionals to manage the situation, promptly informing law enforcement and the DOJ,” writes GMA in their official announcement. “We obtained the affected individuals’ contact information on February 7, 2024, after receiving confirmation of the leaked data.”

The consulting firm also adds that affected individuals can expect their personal and Medicare information, including names, dates of birth, residential addresses, certain medical and health insurance details, and Medicare claim numbers (which also include Social Security Numbers), to have been compromised in the breach.

It’s puzzling why it took GMA nine months to fully grasp the magnitude of the breach and inform their clients.

Neither GMA nor their legal counsel, Linn Freedman of Robinson & Cole LLP, have released any comments regarding the incident at this time.

Avatar photo
Zara Khan

Zara Khan is a seasoned investigative journalist with a focus on social justice issues. She has won numerous awards for her groundbreaking reporting and has a reputation for fearlessly exposing wrongdoing.

Articles: 806

Leave a Reply

Your email address will not be published. Required fields are marked *