A New York-based logistics firm announced they had been subject to a malware attack and some personal information might have been released as part of the data breach.
New York City-based Select Express and Logistics announced late last month that they were the victims of a malware attack and data breach and as a result of the data breach “some information relating to certain individuals and businesses associated with Select, including current and former employees and business partners” might have been compromised. The specialized final-mile delivery provider works with some of the largest retailers in the United States according to their website including Dick’s Sporting Goods, Best Buy, Amazon and the Home Depot
The company said they first noticed suspicious activity on May 3rd, which impacted some of their computer systems. During the course of the investigation into the operational system issues, third-party forensic investigators were able to located evidence that hackers, through a malware attack might have had access to several employee email accounts dating from February 7th until May 5th.
As a result of this discovery, Select began a thorough review of the email accounts to see what information might have been compromised. Through the review, which was completed on July 8th, Select determined that personal and business information was present in the breached email accounts and files. This information might have been acquired by the hackers.
According to the release, the investigation discovered that the following types of information may have been accessible within the impacted accounts or files that may have been acquired by the malware: name, Social Security number, driver’s license / state identification number, bank / financial account information, credit / debit card information, date of birth, medical information, health insurance information, passport number, employer tax identification number, biometric data, billing / claims information, and electronic signature.
Select publicly announced the data breach on July 27th via press release, nearly three months after it was first discovered. According to the release, Select encourages individuals to monitor their accounts and activate the complimentary credit monitoring and identity protection services being offered.
“This is just the latest example of how business identity theft has become a crisis,” said Andy Pham, founder of Company Alarm, a business identity protection provider and owner of the San Paso Truck Stop in Paso Robles, Calif. “Many truck drivers are small business owners whether they are owner/operators or have other business interests and most don’t even realize how vulnerable they are,” Pham added. Company Alarm is offering their 24/7 monitoring and other services free of charge to trucking companies through the end of the year.