Belden

Belden has disclosed that additional data was accessed and copied during their November 2020 cyberattack related to employees’ healthcare benefits and family members covered under their plan.

Belden is a US-based manufacturer of network connectivity devices, including routers, firewalls, switches, cabling, and connectors. Belden generated $2.5 billion in revenue for 2019 and employs approximately 9,000 people.

In November 2020, Belden disclosed they had suffered a cyberattack where threat actors gained access and copied “some current and former employee data, as well as limited company information regarding some business partners.”

In a new disclosure released yesterday, Belden says their investigation has revealed that the threat actors accessed further data during this attack.

This data belongs to spouses, dependents, and relatives of current and former Belden employees who received health insurance from the company.

“In addition to containing personal information of some current and former employees, we subsequently learned that the impacted servers also contained some personal information of some spouses, dependents and relatives of some current and former employees. Further, on or after February 9, 2021, we learned that information exposed in the incident also included health-related information,” Belden disclosed yesterday.

Belden states that the health-related information includes individuals’ names, gender, benefits information, group numbers, coverages, and their relationship to the employee.

The company says they do not believe that stolen data included any information related to health conditions or diagnoses in the accessed data.

Belden has started sending notifications to those impacted by this latest disclosure, which contains free identity monitoring for the victims.

The nature of Belden’s 2020 cyberattack has never been disclosed but was likely a ransomware attack.

During ransomware attacks, threat actors commonly steal unencrypted files before encrypting devices on the network. The attackers then warn the victim that they will publish the stolen data on data leak sites if a ransom is not paid.

It is not known if Belden paid a ransom as part of their cyber attack, but no threat actors have published their data at this time.