Home News U.S. RailWorks Corp. Reports Data Breach Post Ransomware Attack

U.S. RailWorks Corp. Reports Data Breach Post Ransomware Attack

US Railroad

The U.S.-based railroad company, RailWorks Corporation, reported a data breach to the Office of the Attorney General of California, which has potentially compromised the confidential PII of its employees. Although the description of the data breach occurrence mentioned in the notice given to the Attorney General is not clear, it does suggest the nature of the attack to be a ransomware attack.

Ransomware Attack on RailWorks Corporation

As per the report, RailWorks Corporation was targeted by a ransomware attack on January 27, 2020. During this attack, RailWorks Corporation’s systems and servers were encrypted, and this potentially led to a data breach of the PII (personally identifiable information) of its 3,000+ employees. The breached employee information includes name, address, driver’s license, Social Security Number (SSN), date of birth, date of employee hiring/termination and/or retirement.

RailWorks informed its employees by email about the data breach incident between January 30 and February 7, 2020. It said that no indication of employee PII misuse was recorded till the time of publish, but as a precautionary measure, it has tied up with Identity Guard Total to provide free credit monitoring to those affected with the data compromise for the next twelve months. This credit monitoring service uses IBM Watson Artificial Intelligence service to keep an eye on the Dark Web and alerts registered user if their SSN, credit cards, and/or bank account numbers are found on unsecured online locations.

Ransomware Attack on U.S. Gas Pipeline

Earlier in February 2020, a ransomware attack on a U.S. natural gas supplying facility brought its operations to a standstill for two days when the organization’s incidence response team implemented a deliberate and controlled shutdown to contain the ransomware spread.

In an alert issued by CISA (Cybersecurity and Infrastructure Security Agency), the government agency did not mention the time, date, type/name of the ransomware or the natural gas facility name that was impacted. But it did mention other vital information like the way this ransomware attack was carried out so that in future other organizations can take useful notes in planning their risk mitigation measures.