The Parker-Hannifin Corporation, an engineering firm, announced a data breach last week that exposed employees’ personal information after the Conti ransomware gang started publishing the allegedly stolen data in April.
Parker is an Ohio-based corporation that specializes in advanced motion and control technologies, specifically focusing on aerospace hydraulic equipment. It has a revenue of $15.6 billion and over 58,000 employees.
Parker-Hannifin said a security incident occurred between March 11 and March 14 and that it involved a third party who gained unauthorized access to Parker’s computer systems.
“Upon learning of this incident, Parker’s IT team immediately activated its incident response protocols, which included shutting down certain systems,” read the firm’s notice.
“Parker then launched an investigation with the assistance of a forensic investigation firm and other third-party cyber security and incident response professionals,” it added.
The resulting investigation determined that threat actors had extracted specific files from Parker’s computers, so the firm immediately informed the law enforcement authorities of the data breach.
Exposed Data
After reviewing the stolen files, Parker determined that the stolen data included information involved with current and former employees enrolled in Parker’s Group Health Plans and their dependents.
The compromised information included employees’ full name, social security number (SSN), date of birth, home address, driver’s license number, US passport number, banking and routing numbers, online account username and password, health insurance plan ID number, and health insurance dates of coverage.
This exposed information also included dates of service, health provider info, claims data, and clinical treatment details for a small portion of employees.
These details would make it possible for threat actors to execute phishing attacks, social engineering, or even identity theft and bank fraud against Parkers’ employees.
As a result, the firm decided to cover all impacted employees and beneficiaries with a two-year membership in identity protection services from Experian.
Although Parker-Hannifin did not disclose the identity of the attackers in April, the Conti ransomware group claimed responsibility on April 1, 2022. The gang published online 3% of the data that they allegedly stole during the attack.