March 12, 2024 at 09:51AM
EquiLend has notified employees of a data breach resulting from a January 2024 ransomware attack. The company restored client-facing services by February 5 but recently disclosed the breach’s scope to the Massachusetts OCABR. Personal data, including Social Security numbers and payroll information, was compromised. EquiLend is providing impacted individuals with identity theft protection services.
From the meeting notes, it’s clear that EquiLend, a fintech firm, has suffered a data breach resulting from a ransomware attack that occurred in January 2024. As a result, notification letters have been sent to employees and impacted individuals. The data breach compromised personal information such as names, dates of birth, Social Security numbers, and EquiLend payroll information. EquiLend has stated that there is no evidence of the compromised personal information being used for identity theft or fraud. However, the company is providing complimentary identity theft protection services to impacted individuals. EquiLend has not disclosed the number of impacted individuals and has noted that there is no evidence of client transaction data being accessed or exfiltrated. The ransomware group LockBit has claimed responsibility for the attack on EquiLend.