The LockBit Ransomware Intrusion has impacted IMS, affecting 6 Million Persons

LockBit Ransomware

The LockBit Ransomware Intrusion has impacted IMS, affecting 6 Million Persons

Recently, Infosys McCamish Systems (IMS) made public the fact that a ransomware attack that was managed by LockBit had compromised the sensitive data of more than six million individuals with sensitive information.


IMS is a multinational corporation that focuses on providing services in the areas of business consulting, software development, and outsourcing.  People working in the insurance and financial services industries make up the majority of its clientele.  The company continues to maintain a large presence in the United States, where it provides services to a number of important organizations, such as Bank of America and seven of the top 10 insurers in the country.

In spite of the fact that the ransomware assault took place in November 2023, the company did not reveal it until February 2024 until further investigation.  According to the information provided by the company at the time, about 57,000 customers of Bank of America were affected.  The perpetrators of the hack, LockBit, claimed that they had encrypted 2,000 personal computers that were connected to the IMS network.

bank of america

At this time, IMS has confirmed to the authorities in the United States that the total number of impacted individuals exceeds six million.

This material was found as a result of an exhaustive investigation that was carried out with the assistance of eDiscovery specialists from the outside.  These specialists assisted in discovering the sensitive data that had been accessed without authorization.

According to each individual, the large amount of data that has been compromised is different.  It contains a variety of information, including

  • Social Security Numbers (SSNs)
  • dates of birth,
  • medical data
  • biometric data
  • email addresses
  • usernames and passwords
  • financial account numbers
  • payment card details
  • driver’s license numbers
  • passport numbers
  • tribal IDs
  • United States military IDs, among other things.

In an effort to mitigate the risks that have been incurred as a consequence of this data breach, the affected organization is offering affected parties a free credit monitoring and identity protection service through Kroll for a period of two years starting immediately.  It is the intention of this action to provide assistance to individuals in safeguarding their data and keeping a watchful lookout for any potential misuse.

IMS has said that Oceanview Life and Annuity Company (OLAC), which is situated in Arizona and provides fixed and fixed-indexed annuities, is one of the clients who have been affected; however, the identities of all of the other clients have not been disclosed.  It was brought to the attention of the corporation that the list of affected organizations can grow if additional customers come forward and request to be included in the filings.

As a result of the IMS LockBit ransomware attack, users are reminded of the expanding threats to cybersecurity as well as the severe repercussions that can arise from breaches of this nature for both commercial enterprises and private persons.  As investigations continue to be conducted and new information is brought to light, the primary concerns that remain are the protection of those who have been affected and the prevention of incidents of this nature.

Some Key Points Related to LockBit Ransomware Attack

  • The National Crime Agency (NCA) of the United Kingdom has disclosed that some of the data discovered on the LockBit systems that were confiscated belonged to victims who had already paid a ransom to the individuals who attempted to steal their information.
  • Moreover, as reported by CISA, LockBit affiliates have utilized a variety of open-source and freeware applications for legitimate purposes during breaches.
  • In addition to that, CISA has also published a Joint Cybersecurity Advisory with many prestigious partners in 2022 to elaborate on the mainstream functionalities that would certainly help users avert themselves from the harmful effects of the LockBit Ransomware Attacks.

one year cyber security diploma course

About The Author:

Yogesh Naager is a content marketer who specializes in the cybersecurity and B2B space.  Besides writing for the News4Hackers blog, he’s also written for brands including CollegeDunia, Utsav Fashion, and NASSCOM.  Naager entered the field of content in an unusual way.  He began his career as an insurance sales executive, where he developed an interest in simplifying difficult concepts.  He also combines this interest with a love of narrative, which makes him a good writer in the cybersecurity field.  In the bottom line, he frequently writes for Craw Security.


4th Fraudster Arrested for Scamming Dehradun Man of ₹1.1 Cr by Impostering as Mumbai Police

The Products of An Indian Software Company were Compromised to Spread Data-Stealing Malware

About Author

Leave a Reply

Your email address will not be published. Required fields are marked *

Open chat
Can we help you?