DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

AlphV files an SEC complaint against MeridianLink for not disclosing a breach to the SEC (2)

Posted on November 15, 2023 by Dissent

Earlier today, AlphV added MeridianLink to their leak site. MeridianLink (MLNK) is the provider of a loan origination system and digital lending platform for financial institutions. AlphV’s listing has been temporarily removed to be updated, but DataBreaches has learned some additional details from someone involved in the attack.

The attack was last Tuesday, November 7. According to AlphV, they did not encrypt any files, but did exfiltrate files. MeridianLink was aware of it the day it happened. According to AlphV, no security upgrades were made following the discovery, but “once we added them to the blog, they have patched the way used to get in,”  DataBreaches was told.

DataBreaches asked AlphV whether MeridianLink had contacted them at all or responded to them at all, and was told that someone from MeridianLink had reached out to AlphV at some point, but there has been no interaction between the attackers and the firm. When asked why not, the threat actor explained, “it says they are offline.”

In what may be a first, however, AlphV has seemingly reported its victim to the SEC. A copy of the submission was shared with DataBreaches:

AlphV reported MeridianLink to the SEC for alleged failure to timely file. Image: Provided. DataBreaches.net.

AlphV wrote: “We want to bring to your attention a concerning issue regarding MeridianLink’s compliance with the recently adopted cybersecurity incident disclosure rules.

It has come to our attention that MeridianLink, in light of a significant breach compromising customer data and operational information, has failed to file the requisite disclosure under Item 1.05 of Form 8-K within the stipulated four business days, as mandated by the new SEC rules.

The automated receipt for the complaint submission. Image: Provided. DataBreaches.net

MeridianLink’s data security information can be found on its website. DataBreaches sent an inquiry to MeridianLink asking them about the alleged incident and their incident response. They replied promptly with the following statement:

Safeguarding our customers’ and partners’ information is something we take seriously. MeridianLink recently identified a cybersecurity incident that took place on Nov 10. Upon discovery on the same day, we acted immediately to contain the threat and engaged a team of third-party experts to investigate the incident. Based on our investigation to date, we have identified no evidence of unauthorized access to our production platforms, and the incident has caused minimal business interruption.

We have no further details to offer currently, as our investigation is ongoing.

Update 1: This post was updated post-publication to include MeridianLink’s statement.

Update 2: In response to a question DataBreaches received:  We are not lawyers, but we believe that new SEC reporting rule doesn’t go into effect until December 15. If any legal authority thinks it is already in effect, please let us know. 

 


Image by wayhomestudio on Freepik.


Related:

  • PowerSchool commits to strengthened breach measures following engagement with the Privacy Commissioner of Canada
  • Two more entities have folded after ransomware attacks
  • British institutions to be banned from paying ransoms to Russian hackers
  • Global hack on Microsoft product hits U.S., state agencies, researchers say
  • Michigan ‘ATM jackpotting’: Florida men allegedly forced machines to dispense $107K
  • Premier Health Partners issues a press release about a breach two years ago. Why was this needed now?
Category: Financial SectorHackOf NoteU.S.

Post navigation

← Data security breach at Beaverton School District
Georgia School District Goes Offline After Suspicious Activity →

5 thoughts on “AlphV files an SEC complaint against MeridianLink for not disclosing a breach to the SEC (2)”

  1. john says:
    November 16, 2023 at 4:44 pm

    It is not effective until December 18 2023 for MeridianLink. Even then – the rule is not 4 days from the incident, but 4 days to disclose from the point the company determines they need to disclose it. Companies can’t ‘unreasonably delay’ the determination of if they need to disclose it.

  2. jeyarupan linganayagam says:
    November 18, 2023 at 1:30 pm

    My photos and videos .yzaq ransomware encrypted files so pls help me
    How to decrypt all file?
    Virus attack date 4.11.2023

    1. Dissent says:
      November 18, 2023 at 4:01 pm

      This is not my forte, so I asked Brett Callow of Emsisoft, and he suggested you take a look at this thread on BleepingComputer:
      https://www.bleepingcomputer.com/forums/t/671473/stop-ransomware-stop-djvu-puma-promo-support-topic/

      (and yes, links are not allowed in comments, but I am the owner so I can give myself permission)

    2. anon says:
      November 20, 2023 at 12:28 pm

      Check out this website:

      https://www.nomoreransom.org/crypto-sheriff.php

      1. Dissent says:
        November 20, 2023 at 6:52 pm

        That is also a good site, but in this case, you know from the extension that it’s the newer version of the malware and there’s no decryptor yet.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • PowerSchool commits to strengthened breach measures following engagement with the Privacy Commissioner of Canada
  • Hungarian police arrest suspect in cyberattacks on independent media
  • Two more entities have folded after ransomware attacks
  • British institutions to be banned from paying ransoms to Russian hackers
  • Data breach feared after cyberattack on AMEOS hospitals in Germany
  • Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks
  • Global hack on Microsoft product hits U.S., state agencies, researchers say
  • Inquiry launched after identities of SAS soldiers leaked in fresh data breach
  • UK sanctions Russian cyber spies accused of facilitating murders
  • Michigan ‘ATM jackpotting’: Florida men allegedly forced machines to dispense $107K

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • British government reportedlu set to back down on secret iCloud backdoor after US pressure
  • Idaho agrees not to prosecute doctors for out-of-state abortion referrals
  • As companies race to add AI, terms of service changes are going to freak a lot of people out. Think twice before granting consent!
  • Uganda orders Google to register as a data-controller within 30 days after landmark privacy ruling
  • Meta investors, Zuckerberg reach settlement to end $8 billion trial over Facebook privacy violations
  • ICE is gaining access to trove of Medicaid records, adding new peril for immigrants
  • Microsoft can’t protect French data from US government access

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.