Central Ohioans receive letter claiming hackers have their information. Is it real? | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

COLUMBUS, Ohio (WCMH) – A letter showing up in mailboxes across the country is triggering alarm bells for many consumers, including some central Ohioans.

It appears to come from the U.S. Department of Justice, and claims that the healthcare information of hundreds of thousands of people is now in the hands of hackers. But is it real?

According to the Better Business Bureau, the Ohio Attorney General’s Office and the Federal Trade Commission — and as seen on Better Call 4 — scams that impersonate government agencies are consistently among the top frauds reported year after year.

“By volume, we’re really trying to prevent a lot of different types of scams, especially government and business imposter scams,” said Ryan Lippe, Consumer Educator with the Ohio Attorney General’s Office.

So, it only makes sense that a viewer reached out to Better Call 4 about a letter her mother got in the mail from a top government agency. The message reads in part:

“I’m trying to find a resource to verify if a letter from the U.S. Department of Justice is legit. My elderly mother received it regarding a security breach from an outside contractor involving personal and Medicare information… My instincts tell me this is fake, but I don’t want to leave my mom unprotected if it’s not.”

NBC4 looked up some articles about the breach, citing the same letter NBC4’s viewer received. 

The letter states that a U.S. consulting firm — Greylock McKinnon Associates (GMA) — was the victim of a “sophisticated cyberattack” involving the personal information of the letter recipient. The firm was working with the Justice Department as part of a “civil litigation matter,” and that personal information — including names, birth dates, Medicare and Social Security numbers — was provided to GMA as part of that case, and was likely affected in the hack.

Still concerned about its legitimacy, NBC4 did some more digging, discovering a data breach notification on the Maine Attorney General’s website. A letter, sent by a law firm representing GMA, was sent to attorneys general in several states, alerting them to the “ransomware attack” and “breach of personal information” of 341,650 people.

In summary — the letter is not a scam. It is legitimate.

For those affected, GMA said it’s removed all Justice Department data from its systems, and is providing free identity theft protection and credit tracking services for two years.


Click Here For The Original Story From This Source.


National Cyber Security