What Happened?
Over the weekend, a ransomware group called BianLian listed Consolidated Benefits Resources on to its data leak site. A copy of the post can be found below.
Consolidated Benefits Resources is an Oklahoma-based claims administrator for Oklahoma workers’ compensation insurers.
BianLian claims it has stolen 1.2 TB of data from the organization including finance data, HR data, personally identifiable information (PII) records, personal health information (PHI) records, incidents and injury reports, partners’ and clients’ private data, mailboxes, internal and external email correspondence, and SQL databases.
BianLian, as a ransomware gang, has been extremely active since its discovery in 2022. The group impacts mainly the healthcare, manufacturing, professional, and legal services sectors. There attacks have primarily taken place in North American but they have also been seen in the EU and India.
Defender Recommendations
This is an ongoing incident and the scope of the incident remains in question. However, if you utilize the services of Consolidated Benefits Resources, you should proactively prepare for the event that your information has been compromised.
This includes prepping to enact your third party vendor exploitation playbook. Also, begin make ready any disclosure notices that may be necessary to customers and regulators.
Reach out to us at memberservices@industrydefenders.com if we can assist you in any way.