Update and possible correction: this may live a different breach than the one first reported in February 2020. The post below has been edited to reflect that while i attempt to verify if this was a endorse incident or not. Yesterday, AIU issued a pressure relinquish about an incident they read they discovered in january that resulted in access to information about some current and former employees, as well as their dependents and beneficiaries if they participated in AIU’s health of other benefit plans. That would likely lay some of this under HIPAA. The incident also reportedly impacted sole proprietor vendors who received an IRS signifier 1099 from the AIU (for tax years 2013 through 2020). The information in the files included names, addresses, email addresses, dates of birth, and Social security numbers. AIU’s full note can be found on their web site at https://www.aiu3.net/Page/4522. There is naught on HHS’s public breach tool at this time. in January 2020, Conti threat actors dumped data from AIU in a ransomware incident. They claimed it was 50% of what they had exfiltrated. This post will be updated once it’s clearer whether this is the same incident as last year’s or not.
About HackNotice and PA: Allegheny Intermediate Unit notifying employees, dependents, and vendors about ransomware incident