On September 13, 2022, TIC International Corporation (“TIC”) reported a data breach to the Attorney General of Texas after the company learned it had been the target of a ransomware attack. According to the TIC, the breach resulted in the names, addresses and Social Security numbers of certain individuals being compromised. While the total number of victims is not currently known, based on the company’s filings, there were 1,989 victims in Texas alone. After confirming the breach and identifying all affected parties, TIC International Corp. began sending out data breach letters to all affected parties.
If you received a data breach notification, it is essential you understand what is at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the TIC International Corp. data breach, please see our recent piece on the topic here.
What We Know About the TIC International Corp. Data Breach
The information about the TIC International Corporation data breach comes from the Office of the Attorney General of Texas. According to this source, as well as a notice the company posted on its website, on March 30, 2022, TIC Corporation experienced a network disruption. Shortly after, the company learned that it was the target of a Conti ransomware attack.
After learning about the cyberattack, TIC reported the incident to the Federal Bureau of Investigation, secured its network, and then engaged the assistance of cybersecurity experts to assist in the company’s investigation. This investigation confirmed the attack, as well as the fact that documents containing sensitive consumer information were accessed as a result of the incident.
Upon discovering that sensitive consumer data was accessible to an unauthorized party, TIC International Corp. began the process of reviewing all affected files to determine what information was compromised and which consumers were impacted by the incident. The company’s review of the affected documents was completed on August 22, 2022. While the breached information varies depending on the individual, it may include your name, address, and Social Security number.
On September 13, 2022, TIC International Corp. sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
More Information About TIC International Corporation
Founded in 1951, TIC International Corporation is an insurance plan administrator based in Carmel, Indiana. The company administers health, pension, defined contribution/401(k), and other types of benefit funds on behalf of insurance companies and employers. TIC International Corp. operates four locations throughout the midwestern United States, including in Carmel, Indiana, Lansing, Michigan, Gingham Farms, Michigan, and Overland Park, Kansas. TIC International Corp. employs more than 122 people and generates approximately $19 million in annual revenue.
Ransomware Attacks Remain One of the Most Common Types of Cyber Attacks
In the letter that TIC International Corp. sent to those affected by the recent data security incident, the company notes that the leak was precipitated by a ransomware attack that was conducted by a “Russian criminal organization referred to as Conti.” Conti is one of the most prolific hacker groups, which first started carrying out ransomware attacks in 2020. As of August 2022, the group is believed to have targeted over 1,000 organizations, earning more than $180 million dollars in ransoms. The U.S. government sees the Conti ransomware gang as such a threat that it has offered a $10 million reward for information regarding certain members of the group.
Ransomware attacks are one of the most common ways cybercriminals orchestrate attacks designed to obtain consumer data. According to the Identity Theft Resource Center (“ITRC”), the number of ransomware attacks more than doubled between 2020 and 2021, increasing from 158 attacks in 2020 to 321 attacks in 2021. If 321 attacks doesn’t sound like a concerning number, remember that every ransomware attack has the capability of affecting tens of thousands of people. For example, the ITRC reports that over 41 million people fell victim to ransomware attacks in 2021.
Ransomware attacks have been around for decades; however, more recently, the number of ransomware attacks has grown disproportionately. In part, this is due to technological developments that allow cybercriminals to target the most valuable data types, such as Social Security numbers, financial account information, and protected health information.
In a typical ransomware attack, a hacker installs malicious software on a victim’s device. Usually, this is done through an email phishing attack or by placing a line of malicious code on the back end of an organization’s website. The malicious software encrypts the data on the device, preventing the victim from logging in. When the victim attempts to log in, they see a message from the hackers demanding a ransom if they want to regain access to their computer network.
More recently, hackers have started taking a more aggressive approach by threatening to publish the stolen data on the dark web if the ransom is not paid. Of course, not every ransomware attack results in consumer data being published to the dark web; however, this isn’t a chance that most organizations (or consumers) are willing to take. Thus, the threat of publishing data adds to an organization’s incentive to pay the ransom.
Given the frequency and risks of these attacks, it is important for both consumers and organizations in possession of consumer data to understand what ransomware attacks are, how they can be prevented, and what can be done to limit their effects, including identity theft and other frauds.