A Major Data Breach Hits Atlanta-Based Software Solutions Provider, BlackSuit Ransomware Exposes Data of 950,000.
Young Consulting, now known as Connexure, a prominent Atlanta-based software solutions provider specializing in the employer stop-loss marketplace, has been hit by a major data breach involving the BlackSuit ransomware. The attack, which occurred on April 10, 2024, resulted in the exposure of sensitive personal information belonging to 954,177 individuals.
The Timeline of the Attack and Data Exposure
The network breach went undetected for three days before the attackers triggered the encryption of Young Consulting’s systems. This delay allowed the attackers ample time to exfiltrate sensitive data.
The ensuing investigation, concluded on June 28, revealed that the stolen data included:
- Full names
- Social Security numbers (SSNs)
- Dates of birth
- Insurance claim information
BlackSuit’s Extortion Tactics and Data Leaks
BlackSuit, the ransomware group responsible for the attack, has a history of demanding hefty ransoms from their victims. In this case, the group claimed to have stolen a vast amount of data beyond what Young Consulting disclosed in their breach notification.
BlackSuit’s extortion portal, a darknet-based platform, allegedly contained leaked data including:
- Business contracts
- Contacts
- Presentations
- Employee passports
- Family details
- Medical examinations
- Financial audits
- Reports
- Payments
Impact on Individuals and the Stop-Loss Insurance Market
The data breach has left 954,177 individuals vulnerable to identity theft and other forms of fraud. To mitigate the risk, Young Consulting is offering all impacted individuals free access to a 12-month credit monitoring service through Cyberscout.
The breach also poses a significant threat to the employer stop-loss insurance market, as sensitive information about insurance claims and policyholders has been exposed.
BlackSuit’s Criminal Activities and Financial Gains
BlackSuit, a rebranded version of the Royal ransomware group, has been active for several years, causing substantial financial damage to American organizations. The group is known for its aggressive extortion tactics and has reportedly made over $500 million in ransom demands over the past two years.
The CDK Global outage, a major disruption to the automotive industry, is one of the most notable attacks attributed to BlackSuit.
