
Delivering Global Breach Notification after a Major Ransomware Attack
Overview
Industry
- Financial Services
Challenges
- 6.5 million customers affected
- Complex and varied monitoring requirements
- Lack of in-house notification and monitoring expertise
Kroll Services
- Breach Notification
Impact
- More than one million impacted individuals notified
- Seamless notification tracking
- Expert support delivered via a dedicated call center
- Sensitive data securely transferred to more than 1,000 data owners
The Challenge
A LOCKBIT ransomware attack on a major financial and insurance services company led to the unauthorized access and exfiltration of the data of six and a half million customers across multiple clients/entities, with some of the company’s own applications going offline. The complex and high-profile nature of the attack meant that the company needed to move fast to address client concerns and minimize reputational damage.
A key priority was to provide notice to all impacted individuals under its clients, supporting them with identity and credit monitoring, and call center services. Each client had unique timelines and requirements for notification, with multiple companies in need of additional tailored data support, such as file clean-up and address look-up. The high volume of individuals impacted also included international customers, who required different monitoring options based on varying geographical locations and regional regulations. One company needed more than 40 separate waves of notification to fully accommodate all their customer requests.
Kroll's Solution
Kroll’s unique breach notification expertise and proprietary technology significantly reduced the costs and complexities of the data breach for the business. Kroll accommodated multiple waves of mailing at one time across multiple clients, based on population size, location, timeline, letter versions, regulatory requirements and other aspects.
With many clients requiring specific reports based on their notification alone, Kroll provided the capacity to manage each client separately and delivered individual reporting on specific areas. As a result, the company was able to communicate quickly and effectively with clients, collect opt-in decisions and exchange data files and letter templates with a defensible audit trail. Kroll also established multiple call centers to answer questions directly from clients and individuals within hours of engagement.
Kroll’s global reach with specialist knowledge and skills ensured that key insight and guidance were available when and where they were most needed, helping the company to safeguard its reputation and client relationships, and meet all regulatory responsibilities at a critical time.
The Impact
Secure, Trackable Breach Notification
Kroll’s expertise in primary data breach communication and knowledge of best practices played a vital role in managing and mitigating the impact of the breach, with more than one million affected individuals notified globally, helping to protect the company’s brand integrity. With the breach notification process generally estimated to take up to five hours per data owner (source: Kroll), Kroll made the overall process more efficient, secure and trackable, providing a clear return on investment.
Effortless Reporting and Record Keeping
Kroll's industry-leading breach response experts ensured that, after notifications of the specific entities, each one of the company’s clients received digital copies of the notifications for their records, alongside final notification reports.
Secure Data Transfer
Kroll ensured secure transfer of sensitive data between the company and more than 1,000 data owners, creating 150 different physical and email notice versions.
All Regulatory Timelines Met
Kroll enabled the company to meet all regulatory timelines and smoothly process all notifications via physical mail and email, alongside providing bespoke support in response to specific requests from across the company’s entire client base.
Stay Ahead with Kroll
Cyber and Data Resilience
Kroll merges elite security and data risk expertise with frontline intelligence from thousands of incident responses and regulatory compliance, financial crime and due diligence engagements to make our clients more cyber-resilient.
Data Breach Notification Services
Kroll’s data breach notification, call centers and monitoring team brings global breach response expertise to efficiently manage regulatory and reputational needs.
Breach Notification
Kroll’s data breach notification solutions – from drafting compliant letters, to full-service mailing help, to alternate notifications for large breaches – take the burden off your organization.
Data Breach Notification Letters
Kroll will work with your team to implement a personalized, plain-language notification letter that provides pertinent information and maintains message control.
Identity Theft Restoration
Kroll provides your breach population with direct access to investigative experts for live support and best practice advice, as well as identity restoration should they become victims of identity theft.
Credit Monitoring
Credit monitoring can be a powerful tool to offer in the wake of a data breach. Kroll provides a monitoring alert system that’s backed by the expertise of our licensed investigator team.
Identity Monitoring
Kroll’s unique combination of identity monitoring services can detect more types of identity theft than credit monitoring alone, providing practical help to combat identity theft and fraud.

