Finance Solutions Provider Systems East Suffers 200k+ Data Breach
Table of Contents
- By Steven
- Published: Nov 21, 2023
- Last Updated: Nov 23, 2023
Based in Central New York, Systems East, Inc., is a finance, billing, and payment solution for commercial software products. Their software options differ from other finance payment options by their cross-system elements. The Systems East software provides one tool to manage multiple accounts and tasks. Systems East’s local success may be short-lived, however, because they’ve suffered a data breach—a big one.
How Did the Attack Occur?
The attack purportedly involved an unauthorized individual gaining access to a Systems East database. Systems East supposedly encrypted the database, but the threat actor could still copy it without breaking the encryption. Further, because the assailant copied the database, Systems East cannot verify if the encryption remains intact. How the attack was possible is unclear—no statement from Systems East references how the assailants conducted the assault. It could be that the attacker leveraged stolen credentials to access the database; they could have broken in remotely to harvest whatever data they came across first. However they did it, clients of Systems East must consider data and financial protections.
What Information Was Viewed or Stolen?
According to the published Systems East consumer notice, the database concealed limited client data. Most prominently, the database held records of client names and payment card information. The data did not contain information typically needed to process a card payment, like addresses or verification numbers. Despite the database not maintaining verification aspect data, at-risk clients must still take action to protect themselves. The details the hackers may have exposed in the breach are still enough for small-time fraud and criminal impersonations.
How Did Systems East Admit to the Breach?
There is conflicting information about the Systems East timeline of events. The Notice of Incident on their website and the published consumer notice state the attack occurred on August 25th, 2023. It was then purportedly discovered and rectified that same day. However, this was not the timeline submitted to the Maine Attorney General’s office. According to that filing, the breach occurred the same day but was undiscovered until nearly two months later, around October 27th. The filing also suggests those believed to be impacted by the breach got sent notices around November 16th.
What Will Become of the Stolen Information?
The assailant copying the encrypted database is potentially disastrous. There is no way to know if the assailants have the data or how they’ll use it. The attack was likely not a ransomware scheme, which means the hackers will likely profiteer the data later. Despite these unknowns, clients shouldn’t wait for their information to appear on a dark forum to take defensive action.
What Should Affected Parties Do in the Aftermath of the Breach?
Systems East’s stolen database presumably remains encrypted, though the actors may eventually breach it. The filing by Maine states the details of 209,328 people are within the database; it’s similar to other dark web data breaches, where the victim data is subsequently posted online for sale. No matter what the assailants plan to do with the data, thousands are at risk for information misuse. Systems East clients must take precautions before cybercriminals can manipulate their details. Take preventative measures by employing monitoring services, scrutinizing detailed reports of associated accounts, and preparing for the potential of fraud in the coming future.
