20 subsidiaries of industrial technology conglomerate Fortive Corporation over the weekend confirmed they notified at least 31,478 people of a January 2023 data breach that compromised some or all of the following private information:
- Name
- Social Security number
- Financial account number
- Credit or debit card number
- Health insurance information
- Driver’s license number
- Passport number
- Birth certificate number
- Date of birth
The following list includes the Fortive subsidiaries affected by the breach, and the number of victims notified by each if known:
- Accruent – 2,513
- Advanced Sterilization Products – 3,513
- Censis Technologies – 296
- Fluke Corp – 6,661
- Industrial Scientific Corporation – 1,459
- Pacific Scientific Energetic Materials Company – 2,070
- Setra Systems – 1,919
- The Gordian Group – 1,489
- FTV Employment Services – 10,680
- Dover Motion – 575
- Anderson Instrument Co. – unknown
- Dynapar Corporation – unknown
- Fluke Biomedical- unknown
- Global Physics Solutions- unknown
- Intelex Technologies US – unknown
- Provation Software – unknown
- Qualitrol Company – unknown
- ServiceChannel.com, Inc – unknown
- Tektronix, Inc – unknown
- Janos Technology – unknown
Ransomware group Black Basta claimed responsibility for the attack in October 2023. Fortive has not verified Black Basta’s claim.
We do not yet know how much Black Basta demanded in ransom, whether Fortive paid a ransom, or how attackers breached Fortive’s network. Comparitech contacted Fortive for comment and will update this article if it responds.
The breach lasted 11 months before Fortive caught it, and it took another 10 months to notify victims. The notices, which are nearly identical for all of the above companies, state:
“In October and November 2023, we detected unusual activity within our network environment stemming from cybersecurity incidents involving two separate unauthorized parties […] the unauthorized third parties gained access to our network and viewed and acquired data between January 25, 2023 and November 26, 2023, at which point their access was terminated.”
Fortive is offering victims 24 months of free credit monitoring and identity theft restoration services via Equifax.
Who is Black Basta?
Black Basta, not to be confused with Blackcat or BlackSuit, is a ransomware gang that first surfaced in early 2022. It operates a ransomware-as-a-service business wherein third-party clients can pay Black Basta to use its ransomware in their own attacks. Black Basta often extorts victims twice: once for a key to decrypt affected systems, and then again in exchange for not selling or publicly releasing stolen data.
Comparitech researchers logged 69 confirmed ransomware attacks claimed by Black Basta in 2023, and 33 in 2024. In total, those attacks compromised nearly 1.5 million records.
Some of Black Basta’s largest attacks this year include breaches at Southern Water in the UK (up to 460,000 records) and Numotion (700,000 records).
Black Basta claimed another 105 attacks this year that haven’t been acknowledged by targets.
Ransomware attacks on US tech
Ransomware attacks on tech companies can steal confidential data and lock up networked computer systems. Attacks can put data subjects at risk of identity fraud, halt operations at the company, and steal secret info that leads to further attacks on the company and its clients. Targeted companies must pay a ransom to unlock their systems and prevent stolen data being sold or published online.
We recorded 44 confirmed ransomware attacks on US tech companies in 2023, affecting more than 103.5 million records. The vast majority of those records stemmed from vulnerabilities in MOVEit and Fortra software used by many large organizations.
We logged another 91 unconfirmed attacks on US tech companies in 2024 that have been claimed by ransomware groups but not acknowledged by targets.
About Fortive Corporation
Based in Everett, Washington, Fortive is a S&P 500 conglomerate that acquires industrial technology companies specializing in healthcare, precision technologies, and intelligent operating solutions. It employs more than 18,000 people in 60 countries worldwide. The company was spun off from Danaher in 2016, and in 2020 spun of its own company called Vontier that included its transportation and franchise businesses.
Source link