Kurt Knutsson recently reported on a ransomware attack in September that affected 377,082 individuals.
Gulshan Management Services, Inc. is linked to Gulshan Enterprises, which operates around 150 Handi Plus and Handi Stop gas stations and convenience stores across Texas.
Gulshan reported the incident to the Maine Attorney General’s Office on January 6 and provided a copy of its notification letter to those affected. As Knutsson reports that the threat actor(s) gained access via a phishing attack, and:
The incident exposed highly sensitive personal data, including Social Security numbers and driver’s license details, belonging to hundreds of thousands of people.
The breach went undetected for days, giving attackers ample time to move through internal systems and steal sensitive data. If you’ve ever paid at the pump or shopped inside one of these convenience stores, this is the kind of incident that should make you stop and pay attention.
Read more at Cyberguy.
Although Knutsson says consumers should stop and pay attention, the types of information involved in the breach do not indicate that customer data was compromised. There would be no reason to collect SSNs from customers, as it has long been illegal for entities to require SSNs for credit card users, and no credit card data is reportedly involved in this breach. From the data types, this breach would more likely involve employees, or perhaps some employees and some customers, but the notification does not clearly state who was affected.
One potential class action lawsuit has already been filed in federal court for the Southern District of Texas: In Re Gulshan Management Services Data Breach Litigation (4:26-cv-00200). The plaintiff does not indicate in the complaint whether she had been an employee. It only indicates that she received a notification letter.