This audio is automatically generated. Please let us know if you have any comments.
Dive brief:
- Skender Construction, a Chicago-based general contractor working in sectors including healthcare, multifamily, education and retail, was the victim of a ransomware attack which affected 1,067 people, the company disclosed in an April 5 filing with the Maine Attorney General’s office.
- The company discovered the attack on March 15, according to a letter from Jerry Ball, Skender’s chief operating officer, that will be sent to those affected. Skender believes the attacker was only after money, not information from his systems.
- However, based on an investigation, the contractor believes that personally identifiable information from its system may have been accessed. This could include names, addresses, dates of birth and Social Security numbers, along with direct deposit, driver’s license, passport and possibly health information, if provided to the company.
Diving knowledge:
Upon discovering the breach, the contractor hired experts who were able to help the builder’s information technology team restore their systems from backup. Because of its preparation and investment in its IT infrastructure, Skender said in the letter, it didn’t have to pay the attackers to get back into business.
For those affected, the builder will provide the services of risk mitigation company Kroll for identity tracking for one year.
The attack notice filed with the state of Maine did not specify whether the company’s customers were affected. Neither Skender Construction, nor an attorney representing the company, responded to requests for comment. Skender’s projects page he highlights his work for LinkedIn, Google, Salesforce, Indiana University Bloomington Health Hospital, and Northwestern Memorial Hospital, among other clients.
Construction-affiliated companies continue to be targeted by cybercriminals: In September, Raleigh, North Carolina-based commercial construction insurer Builders Mutual Insurance Co. revealed that it was the target of a hack which affected the personal information of 64,761 customers.
Regarding the offer, Pleasanton, Calif.-based Simpson Manufacturing Co., owner of construction fastener supplier Simpson Strong-Tie, suffered a cyberattack in October this caused the company to take defensive actions and shut down some systems.
