IMA Diligence Services Data Breach Exposes Sensitive Information of Over 525,000 Individuals
IMA Diligence Services is notifying over 525,000 individuals about a data breach that exposed sensitive personal and financial information, with the Genesis ransomware group claiming responsibility.
IMA Diligence Services has confirmed a significant data breach that has impacted the personal and financial information of more than 525,000 individuals. The incident came to light in mid-December when the company discovered that a legacy server, managed by an unspecified third-party vendor, had become inaccessible.
Following the discovery, IMA Diligence Services promptly engaged law enforcement and cybersecurity experts to investigate the breach. The investigation revealed that unauthorized actors gained access to the affected server between December 8 and December 16, during which time they exfiltrated a substantial volume of files. The full extent of the compromise was later determined to include highly sensitive personal data.
The compromised information includes names, addresses, Social Security numbers, and driver's license numbers. In addition to personal identifiers, the attackers also accessed financial details such as account and credit card numbers. Furthermore, medical and health insurance information, and in some instances, passport numbers and taxpayer identification numbers were also stolen, posing a severe risk of identity theft and financial fraud for those affected.
IMA Diligence Services reported to the Indiana Attorney General's Office that 525,306 individuals were affected by the breach. In response, the company is offering 12 months of complimentary credit monitoring and identity restoration services to all impacted individuals to help mitigate potential harm. The company has not disclosed the identity of the third-party vendor responsible for managing the compromised server.
While IMA Diligence Services' official notice did not name the threat actor, the Genesis ransomware group has claimed responsibility for the attack. The group added IMA Diligence Services to its dark web leak site in late January, asserting that they had stolen approximately 700 gigabytes of data, encompassing personal information, business documents, and confidential files.
IMA Diligence Services, a subsidiary of IMA Financial Group, specializes in financial consulting for mergers, acquisitions, and other corporate transactions. Previously known as RedRidge Diligence Services, the company was founded in 2009. The breach highlights the persistent risks associated with third-party vendor management and the critical importance of securing legacy systems.
The incident serves as a stark reminder of the ongoing threat posed by ransomware groups and the devastating impact data breaches can have on individuals. The exfiltration of such a wide array of sensitive data underscores the need for robust security measures and diligent oversight of third-party service providers in the financial sector.