DataBreaches.Net


MKS Instruments’ breach notification includes a surprising statement to reassure those affected

Posted on February 16, 2023 by Dissent

Well, this is a bit different.

On February 13, MKS Instruments in Massachusetts (the U.S. parent company of the MKS and Atotech group of companies) became aware of a ransomware event. By February 16, they issued a notification letter to former and current employees who may have been affected.

Their notification informed employees that, “While exfiltration of personal employee data has not been confirmed, we cannot rule it out and thus are providing notice.”

(That’s not the different part. Stay with me….)

After noting that they could not rule out whether personal employee data had been exfiltrated, they wrote,

Our understanding is that, in similar prior cases affecting other companies, ransomware actors have appeared to refrain from using personal data against individuals.

Somewhat surprised to read that, especially since some threat actors have reached out to employees, students, or patients in other cases to try to extort them, DataBreaches posted a question on Infosec.Exchange asking whether anyone had ever seen an assurance like that in a breach notification letter.

The wholly unscientific query produced no “yes” responses and a few “no’s.”

In any event, MKS writes that the types of personal data that may have been involved, “where collection of such personal data is permitted by local law,” included:

Name, contact information, address, government ID numbers (including Social Security Number in the U.S.), work login credentials/passwords, marital status, veteran status, nationality, immigration status, race, religious beliefs (where MKS is required by law to collect), education, employment history, date of birth, gender, sexual orientation, bank account information, payment card information, information about compensation and equity, information about job position and time/hours worked, information about disabilities, health and medical conditions, employer union, health insurance information, basic information regarding your partner, children and emergency contacts (such as name, age, and contact details), if applicable.

That’s a lot of personal information, and hopefully MKS is trying to determine whether data were actually exfiltrated. They are offering those being notified identity monitoring for 2 years.

The notification does not indicate how many people have been notified or whether HHS has been notified. Nor does the letter provide any details on the ransomware incident such as what type of ransomware or whether there was any negotiation with any ransomware group.

Their full notification can be read on the Montana Attorney General’s website. For a report on some of the breach’s impact on its customers, see this news article on Bloomberg.

MKS’s website currently displays a message, “Unfortunately, www.mks.com is experiencing an unscheduled outage. Please check back again at a later time.”

DataBreaches has submitted an email to their worldwide email address to ask about the type of ransomware and how many people are being notified. The email also asks for the source of their understanding that criminals refrain from misusing the personal information of employees.


Link to Bloomberg article, “Applied Materials’ Sales Shortfall Linked to Cyberattack at MKS,” added post-publication.

Update: Katie Coleman from communications firm Kekst CNC responded to the email inquiry, “The 8-K currently includes all the information we have to share publicly at this point.”

Category: Breach Incidents, Business Sector, Health Data, Malware, U.S.

© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.