P2021-ND-187

On Thursday, July 23, 2020, the Organization received a notice from its service provider, SEI Investments Canada Company (SEI), about a security incident. SEI informed the Organization that personal information in the custody of SEI?s own service provider, M. J. Brunner, Inc. (Brunner) was affected by a ransomware attack. Brunner provides services to SEI in connection with optimizing the delivery of SEI?s services. The Organization reported that the attack on SEI’s vendor systems occurred on May 17, 2020, when an unauthorized third party used malicious software to gain access to, encrypt and download, data from the vendor’s corporate servers. The Organization understands from SEI that, around June 9-12, 2020, the cybercriminals posted screenshots on the internet containing samples of the exfiltrated data as proof that it had obtained valid data from Brunner. The posts were reviewed by Brunner and SEI at the time and there was no indication of any data of the Organization?s clients in the screenshots. On July 13, 2020, SEI learned that the attackers had publicly published the downloaded data on the dark web. SEI obtained a copy of the published data and on July 17, 2020 determined that the Organization?s client information was implicated and notified the Organization.

File Type: pdf
File Size: 609 KB
Categories: 2021