Greylock McKinnon Associates reports data breach, exposing 300k individuals
Learn More
Greylock McKinnon Associates (GMA), a firm specializing in economic analysis and litigation support, is reporting a data breach affecting 341,650 individuals. The breach occurred on May 30, 2023, but was only discovered on February 7, 2024 and compromised sensitive Medicare and other personal information.
This cyberattack was described as sophisticated and led to the unauthorized access of personal data originally collected by the U.S. Department of Justice for a civil litigation matter. GMA was in possession of this information to support the DoJ in the litigation.
The compromised data includes:
- names,
- dates of birth,
- addresses,
- Medicare Health Insurance Claim Numbers (which also contain Social Security numbers),
- some instances of medical and/or health insurance information.
The nature of the breach and the number of affected individuals is not disclosed.
Update - Greylock McKinnon Associates (GMA) disclosed a data breach impacting 341,650 Social Security numbers after the cyberattack in May 2023. It’s not clear why it took GMA nine months to report the breach.
The DoJ has clarified that the individuals affected by this breach are neither subjects of the investigation nor related litigation matters and assured them that their current Medicare benefits or coverage would not be impacted by this incident.
GMA engaginged third-party cybersecurity experts and is notifying law enforcement and the DoJ about the incident. The company has removed all DoJ-related data from its systems and has offered 24 months of free identity theft protection and credit monitoring services through Cyberscout IdentityWorks to all affected individuals.
