After nine months since the incident was discovered, GMA has finally revealed the details of the cyberattack, saying that the hackers gained access to the personal information of hundreds of thousands of people.
This information included names, dates of birth, addresses, Medicare numbers, which include members’ associated Social Security numbers, and other medical or insurance information. The company, which provides economic and legal consulting services to companies and US government agencies, including the Department of Justice, did not specify the type of cyberattack, but reported immediate measures to minimize the incident.
GMA indicated that the victims’ personal information had previously been obtained by the Department of Justice as part of a civil lawsuit. The company removed Justice Department data from its systems after the incident. It said the cyberattack will not affect victims’ current benefits or Medicare coverage. Despite the length of time it took to disclose the incident, the company said it was necessary to confirm the identities of those affected.