CSC ServiceWorks, a directing provider of commercial launparched services and air vfinishing solutions, has disshutd a data bachieve after the personal adviseation of an undisshutd number of individuals was exposed in a 2023 cyberaggression.
The company discovered the incident on February 4, 2024, after distinguishing rare activity on its netlabor. Subsequently, outside cybersecurity experts employd to spendigate the incident set up that obstreatment aggressioners had accessed some computer systems.
CSC ServiceWorks supposes the menace actors had access to settled systems on its netlabor from September 23, 2023, to February 4, 2024. After acunderstandledgeing the affected data, it employd a data scrutinize company to resettle what adviseation was stored in files exposed during the bachieve.
The launparched enormous inserted that it took meacertains to protected its computer systems aachievest future aggressions and notified relevant law applyment agencies of the incident. It getd the results on June 17, 2024, and has been laboring to acunderstandledge the accurate insertresses for the affected individuals since then.
Depfinishing on the impacted individual, the types of personal adviseation that were exposed in the data bachieve engage a combination of:
- filled name, date of birth, and reach out adviseation,
- rulement identification (e.g., Social Security or driver’s license number),
- financial adviseation (e.g., bank account and routing number),
- health insurance adviseation, and restricted medical adviseation,
- and, in some cases, their children’s personal adviseation.
It also provides those affected by the data bachieve with a free Experian IdentityWorks membership to help distinguish finisheavors to misengage personal adviseation exposed in the incident.
“We employd third-party experts to insertress this situation, carry out an spendigation into the unapverifyd activity, and further protected our systems to protect your adviseation,” said Christopher E. Mack, CSC ServiceWorks’ Chief Financial Officer.
“CSC is providing this acunderstandledge to give you more adviseation on what happened and an opportunity to enroll in free acunderstandledge watching.
In May, TechCrunch increateed that CSC ServiceWorks convey remorsed and thanked two security researchers for discovering a vulnerability that apverifyed anyone to do their launparched for free after ignoring their asks to repair the security flaw.
The company says it has over 150,000 clients in the United States, Canada, and Europe, with one million machines in engage at tens of thousands of hotels, laundromats, universities, and livential originateings.
A CSC ServiceWorks spokesperson was not promptly engageable for comment when reach outed by BleepingComputer today.