Malware inserted on a server on October 23, 2011 wasn’t discovered until October 21, 2015, reports First Transit‘s external counsel. For almost four years, employees’ information, including name, address, date of birth, phone number, driver’s license number, and Social Security number may have been compromised.
In response to the discovery, First Transit took the server offline and replaced it with a new and hardened server that also deployed a threat manager monitoring tool.
The forensic examination did not find any evidence that employee information was actually accessed or taken, and the firm did not offer its employees any credit monitoring or credit restoration services.