Data Breach: Gyrodata Targeted by a Ransomware Attack

Mining technology company Gyrodata witnessed a ransomware attack that has potentially leaked some personal information!

As ransomware attacks increase and expand in targeting organizations, another major technology firm became a victim of this attack vector. This time it is Gyrodata, a US-based company that provides technology and services to energy companies.

Illegal Access to The Systems

According to the report from Yahoo, Gyrodata has confirmed that they had suffered a ransomware attack that led to a possible data breach. The company learned as early as February 2021 that they are a possible target for a ransomware attack. So in order to tackle the situation, they implemented cyber security measures.

That includes securing their systems and also involving a cyber security firm to launch an investigation. Moreover, Gyrodata also informed the law enforcement at the same time and requested assistance in the investigation.

Findings Behind The Illegal Access

As per the investigation, it was revealed that malicious actors gained access to the company’s systems along with the data. And the findings revealed this occurred at various times approximately between January 16 to February 22, 2021.

It has also come to light that malicious actors may have potentially obtained the data that contains the personal information of current and past employees. This includes names, addresses, DOB, DL numbers, SSN, passport numbers, W-2 tax forms, and information related to health plan enrollment.

Potential Victims

As of now, it is unclear who is affected by the data breach. However, it is worth noting that Gyrodata is a US-based company, headquartered in Houston, Texas. Moreover, it has multiple offices around the world, including Saudi Arabia, UAE, Malaysia, Scotland, and Ecuador.

Gyrodata Statement:

“Gyrodata takes the security of personal information very seriously, and we wanted to make individuals whose information was potentially involved aware of our findings.”

“To help prevent a similar incident from occurring in the future, Gyrodata implemented additional security measures designed to enhance the security of its network, systems, and data.”

Kela’s tweet on the incident (source: Twitter)

Informing The Potential Victims

On April 22, 2020, Gyrodata started sending letters to everyone whose information might have been affected by the data breach. Moreover, the company also set up a dedicated helpline center to answer the queries related to the data breach.

Statement Regarding The Information:

“Individuals whose personal information may have been involved should remain vigilant for incidents of fraud or identity theft by reviewing account statements and free credit reports for any unauthorized activity. It is recommended that you review any statements that you receive from your health insurer or healthcare providers.”

“If you see services that you did not receive, please contact the insurer or provider immediately. As a precaution, Gyrodata is also offering individuals whose Social Security number or driver’s license number may have been involved complimentary credit monitoring and identity protection services.”

The statement continued, “The security of your personal information is important to Gyrodata and we sincerely regret that this incident occurred.”

Data Breach Prevention

As you can see, a data breach can leave a devastating impact on an organization. Moreover, it can harm an organization for years to come. Not only does it damage the reputation of the organization but it also disrupts the business operations. On the other hand, it can harm the people involved with the organization, including the employees, partners, and also the customers.

Data breach prevention (Source: Wiley Online Library)

What are The Measures to Implement for Data Breach Prevention?

Listed below are some of the best cyber security practices your organization can adopt to prevent a data breach:

  • Update your software and hardware as soon as new updates arrives, since it comes with the latest security patches
  • Make sure every piece of sensitive data of the organization is encrypted, also limit access to these files and data
  • Conduct vulnerability assessments and penetration testing periodically to find any voids in the organization’s IT infrastructure and fix them accordingly
  • Back up your valuable data in drive, cloud, etc. So that in case your organization suffers a data breach then you have a backup in place. But ensure it is protected
  • Provide cyber security and awareness training to your employees to make sure that they are aware of the latest cyber hacks and threats and are also mindful of ways to avoid such threats

Data breach prevention needs to include everyone, from employees working in the sales department to IT personnel. This includes the people involved with the organization. As you know, an organization is as strong as its weakest link. Therefore, it is important organizations focus on any possible vulnerabilities that can open doors for cyber criminals to exploit them!

If you like reading our blogs then you can also subscribe to our newsletter to get regular updates on the latest cyber security news and blogs.



Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store