Cyber Incident Victim: Pivot Technology Solutions
Date:
Jun 2020
Location:
United States of America
Summary
Pivot Technology Solutions experienced a failed ransomware attack where encryption attempts were thwarted by prompt defensive measures, preventing operational disruption. However, attackers successfully exfiltrated sensitive personal information belonging to U.S. employees and consultants, including names, addresses, Social Security numbers, payroll details, banking information, and dependent data. The breach involved unauthorized access to systems, with compromised data encompassing insurance coverage specifics, benefits, and demographic attributes such as gender and disability status. The incident prompted an internal investigation to assess the scope of impacted information following detection of the exfiltration.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On June 12, 2020, Pivot Technology Solutions and its affiliated entities experienced a cybersecurity attack involving an unauthorized third party attempting to encrypt portions of their technology infrastructure. The managed service provider detected the incident promptly and implemented countermeasures that prevented widespread encryption, avoiding operational disruptions. While the ransomware itself failed to compromise systems significantly, subsequent investigation revealed that attackers had exfiltrated data during the breach. By July 1, 2020, Pivot confirmed unauthorized access to personal information belonging to U.S. employees and consultants, initiating an immediate internal investigation to assess the scope. The probe concluded on July 7, 2020, identifying compromised data categories but did not disclose technical specifics about the ransomware variant or threat actors involved. Affiliated companies named in the incident included subsidiaries such as TeraMach Technologies, ProSys Information Systems, and entities acquired through mergers like Sigma Technologies Solutions.
The exfiltrated data encompassed highly sensitive personal and financial details, including full names, addresses, dates of birth, Social Security numbers, banking information with routing and account numbers, payroll details, insurance coverage types, and dependent information. Additional compromised records included gender, student status, disability status, and income withholding data. Pivot issued breach notifications to affected individuals and regulatory bodies, submitting a copy to the California Attorney General’s Office as part of compliance efforts. The company emphasized its defensive measures limited the attack’s impact but acknowledged the data theft’s severity in communications. Media coverage by BleepingComputer first brought public attention to the incident, though no operational or financial consequences beyond data exposure were reported in available disclosures.