Two data breaches were revealed to have impacted major lighting and building management firm Acuity Brands in 2020 and 2021, reports SecurityWeek.
Acuity Brands issued a recent notice stating that its systems have been infiltrated in early December 2021 and further investigation showed that it had already been compromised in an earlier breach in October 2020. Both incidents have involved the attempted theft of data belonging to current and former employees and health plan members, including their names, Social Security numbers, financial account details, driver's license numbers, Acuity health plan information, limited health data, and other employment-related details. However, there has been no evidence indicating any stolen data.
Even though Acuity has not provided more details regarding last year's intrusion, the now-defunct Conti ransomware operation may be behind the intrusion, based on some data allegedly stolen from the company being leaked by the group in January.
Meanwhile, individuals impacted by the breaches have been urged by a California-based class action law firm to pursue legal action against Acuity.
Data breaches impact Acuity Brands
Two data breaches were revealed to have impacted major lighting and building management firm Acuity Brands in 2020 and 2021, reports SecurityWeek.
While DumpForums claimed to have infiltrated the company's corporate GitLab server, mail server, and software management services, Dr. Web emphasized that the incident had not resulted in any customer data compromise.
Included in the 6.4 GB SQL database were Internet Archive members' email addresses, usernames, Bcrypt-hashed passwords and password change timestamps, as well as other internal details as recent as September 28, when the attack was believed to have taken place.