Security News > 2023 > August > Mom’s Meals issues “Notice of Data Event”: What to know and what to do
Because the investigation identified the presence of tools that could be used for data exfiltration, we can't rule out the possibility that data was taken from one of our file servers.
PurFoods says it has contacted everyone whose was affected, or at least everyone whose data appeared in one or more of the scrambled files, which we assume are the files that the company thinks the attackers would have stolen, if indeed any data was exfiltrated.
The information in the files included date of birth, driver's license/state identification number, financial account information, payment card information, medical record number, Medicare and/or Medicaid identification, health information, treatment information, diagnosis code, meal category and/or cost, health insurance information, and patient ID number.
Mom's Meals therefore needs medical details for some, if not all, of its customers, and that data was mixed in with plenty of other personally identifiable information that may now be in the hands of cybercriminals.
We still don't know whether the company received any blackmail demands, whether there was any "Negotiation" with the attackers, or whether any money changed hands in return for hushing up the incident or for buying back decryption keys to recover the scrambled files.
According to the data in the latest Sophos Active Adversary report, the median average dwell time in ransomware attacks is now down to just five days.