Advantages and payroll administration firm Sequoia says hackers accessed delicate buyer data, together with their Social Safety numbers and COVID-19 take a look at outcomes.
In keeping with Wired, which first broke the information of Sequoia’s breach final week, the incident impacted clients of Sequoia One, knowledgeable employer group (or PEO) that gives outsourced human sources and payroll providers. The service is common with U.S.-based startups and says it really works with greater than 500 venture-backed firms.
Now, in a knowledge breach discover filed with the California lawyer common’s workplace, Sequoia stated it grew to become conscious that an “unauthorized celebration could have accessed a cloud storage system that contained private data” over a two-week interval between September 22 and October 6. This breached cloud system saved an array of delicate private information, together with names, house addresses, dates of delivery, gender, marital standing, and employment standing. It additionally included Social Safety numbers, their wage wage associated to advantages, authorities id playing cards, and COVID-19 take a look at outcomes and vaccine playing cards.
Sequoia added that the evaluation additionally discovered no proof of malware, a knowledge extortion try, or any proof of ongoing unauthorized entry to firm techniques. As a result of the hacker’s entry was “read-only,” the corporate stated no shopper information had been modified.
Sequoia stated it employed Dell Secureworks to conduct a forensic investigation, which discovered “no proof that the unauthorized celebration misused or distributed information.” It’s not clear if Sequoia has the technical means, reminiscent of logs, to find out what data was accessed or what information was siphoned, if any.
When requested by TechCrunch, Sequoia declined to say how the shopper information grew to become uncovered and wouldn’t say what number of people had their private information compromised.
Learn extra on safety: