Advantages and payroll administration firm Sequoia says hackers accessed delicate buyer info, together with their Social Safety numbers and COVID-19 take a look at outcomes.
In response to Wired, which first broke the information of Sequoia’s breach final week, the incident impacted prospects of Sequoia One, knowledgeable employer group (or PEO) that gives outsourced human assets and payroll providers. The service is well-liked with U.S.-based startups, and says it really works with greater than 500 venture-backed corporations.
Now, in a information breach discover filed with the California legal professional basic’s workplace, Sequoia stated it turned conscious that an “unauthorized occasion might have accessed a cloud storage system that contained private info” over a two-week interval between September 22 and October 6. This breached cloud system saved an array of delicate private information, together with names, residence addresses, dates of start, gender, marital standing, and employment standing. It additionally included Social Safety numbers, their wage wage associated to advantages, authorities identification playing cards, and COVID-19 take a look at outcomes and vaccine playing cards.
Sequoia added that the evaluation additionally discovered no proof of malware, an information extortion try, or any proof of ongoing unauthorized entry to firm programs. As a result of the hacker’s entry was “read-only,” the corporate stated no consumer information had been modified.
Sequoia stated it employed Dell Secureworks to conduct a forensic investigation, which discovered “no proof that the unauthorized occasion misused or distributed information.” It’s not clear if Sequoia has the technical means, corresponding to logs, to find out what info was accessed or what information was siphoned, if any.
When requested by TechCrunch, Sequoia declined to say how the shopper information turned uncovered and wouldn’t say what number of people had their private information compromised.
Learn extra on safety:
