SC Media reports:
Oregon-based third-party retirement plan administrator Carruth Compliance Consulting had information from more than 40,000 public school teachers and employees in California, Illinois, New York, Oregon, and Pennsylvania exfiltrated following a December attack by the newly emergent Skira Team hacking group, which purported the theft of data from 36 public schools across the U.S., according to The Record, a news site by cybersecurity firm Recorded Future.
Infiltration of Carruth Compliance Consulting systems between Dec. 19 and 26 primarily resulted in the exfiltration of individuals’ names, Social Security numbers, and financial account details but W-2 data, driver’s license numbers, tax filings, and medical billing details had also been stolen in certain cases, said the firm in a website notice.
Read more at SC Media.