RRCA Accounts Management reports randsomware attack, data breach
Take action: Apart from the ransomware problem which is global and all encompassing, here's another data greed example: Why on earth would a debt collection agency need the individual's gender, religious views or race. We all deserve at least some privacy.
Learn More
RRCA Accounts Management, Inc., a full-service collection agency based in Sterling, Illinois, reported a data breach resulting from a ransomware attack. RRCA has engaged law enforcement and forensic experts to investigate and assess the breach.
Play ransomware group took responsibility for the attack that was executed on on June 6, 2024. RRCA managed to stop the intrusion by June 7, 2024. Despite early containment efforts, further forensic investigations revealed that a significant amount of clients' customers' personal information was leaked.
The breached data includes:
- Contact information (name, address, date of birth, phone number, email)
- Social Security number or taxpayer ID
- Driver’s license number
- Passport number
- Health insurance information
- Medical information (e.g., medical record numbers, treatment locations, doctors)
- Health payment information (billing details, insurance claims, account numbers)
- Payment card details
- Username or IP address
- Potential demographic data (e.g., gender, religious views, race)
The number of affected individuals is not disclosed.
RRCA has notified affected customers of its clients and recommended measures to mitigate potential harm. The company has offered credit monitoring and identity theft service through CyEx.
