Cyber Incident Victim: Metaformers Inc.
Date:
Jul 2020
Location:
United States of America
Summary
A cybersecurity breach impacted a municipal government's employees when a third-party contractor's email server was compromised, exposing personal information of current and former workers. The contractor, Metaformers Inc., notified the city of the incident after unauthorized access to their systems, which supported technology projects for the municipality. The incident jeopardized sensitive employee data, though specific details regarding the scope or nature of the accessed information were not publicly disclosed. The contractor's role in managing city-related communications led to the exposure, highlighting risks associated with third-party vendor vulnerabilities in public sector operations.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On July 1, 2020, a security breach occurred involving Metaformers Inc., a third-party contractor engaged in technology projects for the city of Lexington, Kentucky. The incident compromised the company’s email server, potentially exposing personal information belonging to current and former Lexington city employees. Metaformers discovered unauthorized access to its systems but did not immediately disclose the intrusion timeline or the specific method of compromise. The city administration remained unaware of the incident until September 28, 2020, when Metaformers formally notified them of the breach. No evidence suggested the attackers targeted city-operated infrastructure directly, as the vulnerability resided within the contractor’s communications platform.
The breach placed sensitive employee data at risk, though the city’s public statement did not specify the exact types of information exposed or the number of individuals affected. Upon notification, Lexington officials issued a press release confirming the third-party incident and its potential impact on personnel records. Metaformers did not publicly detail its forensic investigation findings, containment measures, or whether data was exfiltrated or misused. The city’s response focused on acknowledging the event through official channels, with no immediate reports of credit monitoring services being offered to affected employees. Media coverage by outlets like WTVQ amplified public awareness of the incident, though neither Metaformers nor the city provided subsequent updates regarding remediation efforts or attacker attribution.