- BCNYS LED a Cyberattack in February and discovered it in August
- Sensitive personal, payment and health information were stolen
- There are no signs of misuse of wild
Business Council of New York State (BCNYS), an association that represents companies, chambers of trade and professional organizations in New York, has confirmed that it has suffered a cyber attack where it lost sensitive information about tens of thousands of people.
BCNY’erne indgav en rapport til kontoret for Maine Attorney General, hvor den bekræftede overtrædelsen, og detaljerede den type data, der blev stjålet – i alt, 47.329 individer blev potentielt påvirket af hændelsen, når uidentificerede cyberkriminelle stjal fulde navne, Social Security Numbers (SSN), Datates fødselsnumre, Finansielle institutioner Names, Ruting Numbers, Ruting Numbers, Payment Worth Expiration dates, taxpayers’ identification numbers and electronic signature information.
It also included health data such as names of medical providers, information on medical diagnosis and conditions, prescription information, data on medical treatment and procedures and health insurance information.
How to remain safe
The incident apparently happened at the end of February 2025, but BCNYS noted it until early August when it started an investigation and informed relevant authorities.
So far, there is no evidence that the stolen files were used in identity theft, phishing or other cybercrime – but of course it does not mean that it will not happen or that it will not happen.
Hackers can use stolen data to open bank accounts or credit lines, make unauthorized purchases, fil for false tax returns and even access medical services or prescription under someone else’s name.
Victims must place a fraud warning or credit with the large credit agencies, monitor banking and credit card statements daily and sign up for the protection of identity theft or credit monitoring as BCNYs offer it for free.
They should also change passwords and enable multifactor authentication in all accounts, notify their banks and insurance companies of potential fraud and request an IRS identity protection pin to block false tax archives.
For the medical data, victims should review insurance clarification of benefits (EOB) declarations and contact providers to mark any suspicious medical activity.
Via Bleeping computer
