A data breach at a business services company based in Saginaw, Michigan may have exposed the personal information of 521,00 people.
The attack was detected on August 1 last year when data in the company’s care became unavailable.
The breach comes as a direct result of cyber-criminals targeting Morley Companies.
Michigan attorney general Dana Nessel confirmed on Friday reported “a data security incident that may have impacted data belonging to current employees, former employees and various clients”.
Morley said that they hired “leading independent cybersecurity experts” to investigate the attack, determining that “additional data may have been obtained from its digital environment.”
In a data security incident notice, Morley stated that the incident may have involved both personal identifiable information (PII) and protected health information (PHI). Potentially compromised data includes names, addresses, Social Security numbers, dates of birth, client identification numbers, medical diagnostic and treatment information and health insurance information.