Wright & Filippis

Wright & Filippis operates as a manufacturing company headquartered in Michigan, United States. Its core activities involve producing goods or providing services that necessitate the handling of highly sensitive consumer information. This includes personal identifiers like names and dates of birth, financial details such as account numbers, and protected health data encompassing patient numbers and health insurance information. The nature of the compromised data strongly indicates involvement in sectors requiring stringent data protection, likely linked to healthcare services or rehabilitation support, aligning with one of its known aliases, Wright & Filippis Rehabilitation. The company serves consumers whose personal and medical information is processed as part of its business operations.

The organisation encountered a significant cybersecurity incident when it was targeted by a ransomware attack discovered around November 18, 2022. This breach resulted in unauthorized access to its systems, compromising the sensitive consumer data entrusted to it. Upon discovering the attack, Wright & Filippis engaged external cybersecurity experts to conduct a thorough investigation into the nature and scope of the incident. Following this investigation, the company fulfilled its regulatory obligations by issuing formal data breach notifications to all individuals potentially affected by the unauthorized access. These notifications detailed the types of information exposed and provided guidance on steps consumers could take to protect themselves against potential identity theft and fraud arising from the breach. This incident underscores the company's role in managing substantial volumes of protected health and financial information and its requirement to adhere to data breach notification laws.