Merrill Steel Alerts Employees of Security Incident
Merrill Steel detected unauthorized activity on certain of its computer networks. That unauthorized activity was limited to one day, lasted only a few hours on that day, and, upon discovery, steps were taken to limit its scope. Despite those steps, the unauthorized access did nonetheless result in what is sometimes referred to as a “ransomware” attack such that certain of Merrill Steel’s files were encrypted with no available means to decrypt them.
Recommended AI News: Voyager Digital Announces Listing of the Terra (LUNA) Token
Merrill immediately engaged IT and cyber security experts to investigate the incident, determine its scope and assist in obtaining the tools necessary to decrypt the affected files while also restoring our systems. Although that investigation remains ongoing and could yield a different outcome, Merrill has not currently found evidence that information on our systems was subjected to anything more than the unauthorized encryption. Put another way, we have not yet uncovered any evidence that personal information was taken and subjected to misuse. The information subjected to unauthorized encryption was only that of our employees (to our knowledge thus far, no personal or sensitive information of our customers was affected) but did include the following elements of personal information about those employees and certain of their spouses and dependents:
- names, address, dates of birth,
- direct deposit information,
- health insurance information, and
- Social Security numbers.
Recommended AI News: Ransomware Accounts for 81% of All Financially Motivated Cyberattacks in 2020
Out of an abundance of caution, Merrill Steel notified the affected individuals so that they could take steps to further protect their personal information. To assist them in doing so, Merrill Steel procured, for all affected employees, spouses and/or dependents, credit monitoring and other identity protection services. As the affected information included data governed by the Health Insurance Portability and Accountability Act or “HIPAA” we have notified and are working with the relevant HIPAA authorities. We issue this press release regarding what we would otherwise consider a closed and satisfactorily resolved matter posing no further threat, in order to satisfy our HIPAA obligations.
Since the time of the event, the talented employees of Merrill Steel have been working hard to recreate and restore the impacted systems and to further strengthen security systems to protect against a similar event occurring in the future.
Recommended AI News: Driverge Vehicle Innovations Acquires NorCal Van Conversions Adding West Coast Manufacturing and Distribution Capabilities
Copper scrap repurposing Copper scrap carbon footprint Scrap metal procurement strategies
Copper cable recyclers, Scrap metal logistics services, Scrap Copper composition analysis
Metal recycling and recovery facility Ferrous waste export Iron waste reclaiming services
Ferrous material recycling forums, Scrap iron recovery facility, Ferrous scrap yard