Still No Solution: Ransomware Attack Against Wolverine Solutions Group
Dana Nessel, the Michigan Atty. General has issued a warning to residents that 600,000 residents of Michigan needs to monitor their bank accounts due to the Wolverine Solution Group’s possible data breach due to ransomware infection that occured last Sep 2018. The official is highly recommending people who received a notification letter confirming that their personally identifiable information was included in the data breached to sign-up for monitoring services to further safeguard themselves from possible identity theft.
“Data breaches can be devastating to the affected individuals. It’s important this office provide affected customers with any and all available resources to help limit the effects of this – or any – breach. And today, we’re doing just that,” explained Nessel.
The warning has been seconded by Anita Fox, Director of the Department of Insurance and Financial Services (DIFS). “Wolverine is offering two levels of identity protection to individuals affected by the breach. If you receive a letter from the company, we urge you to read it carefully and consider enrolling in the free credit monitoring service,” added Fox.
An official notice of breach has been released by Wolverine Solution Group, which details the events of the breach, with their latest updated dated Feb 27, 2019. The company was infected by a malicious ransomware, which they fought hard against, resisting paying for the ransom.
“A team of forensic experts arrived on October 3, 2018 to begin the decryption and restoration process. All impacted files needed to be carefully “cleaned” of any virus remnants prior to their review by forensic investigators. Most critical programs requiring decryption were restored by October 25, 2018, and WSG’s critical operations were running by November 5, 2018. However, the forensic team continued its decryption efforts on the impacted files to determine the type of information that was affected, the identities of our Healthcare Clients, and the specific individuals involved,” explained in their official blog.
The forensic investigation continued until early February, to a point that the company discovered the names of the affected Healthcare institutions where the data belonged to prior to the infection. Wolverine Solutions Group claims that all people that had their data encrypted were already accounted for, and they should have received a formal letter from them informing about the incident.
“WSG is taking steps to guard against identity theft or fraud. We arranged for affected individuals to have AllClear ID protect their identity. The following identity protection services start on the date of the individual receiving a notice letter and can be used at any time during the next 12 months. AllClear Identity Repair: This service is automatically available to you with no enrollment required. If a problem arises, simply call 855-861-4034 and a dedicated investigator will help recover financial losses and restore your credit. And AllClear Fraud Alerts with Credit Monitoring: This service offers the ability to set, renew, and remove 90-day fraud alerts on your credit file to help protect you from credit fraud. In addition, it provides credit monitoring services, a once annual credit score and credit report, and a $1 million identity theft insurance policy,” concluded Wolverine Solutions Group
Julia Sowells946 Posts
Julia Sowells has been a technology and security professional. For a decade of experience in technology, she has worked on dozens of large-scale enterprise security projects, and even writing technical articles and has worked as a technical editor for Rural Press Magazine. She now lives and works in New York, where she maintains her own consulting firm with her role as security consultant while continuing to write for Hacker Combat in her limited spare time.