Greylock McKinnon Data Breach Affects 341,650 People

What Happened?

On May 30, 2023, Greylock McKinnon Associates, Inc. detected unusual activity on their internal network. This was the beginning of a sophisticated cyberattack which, upon extensive forensic review, was confirmed on February 5, 2024, to have compromised sensitive personal information. The types of information exposed include names, addresses, medical and health insurance information, dates of birth, and Social Security numbers. This breach has affected a significant number of individuals across the United States, with a total of 341,650 people impacted.

Breach Discovered on February 7, 2024

The breach was first discovered by the company on February 7, 2024, and the affected consumers were notified on April 5, 2024, through written communication sent via U.S. Mail. The company has taken several steps to address and mitigate the breach, including consulting with third-party cybersecurity specialists and notifying law enforcement.

The personal data exposed in this breach could potentially be used for identity theft and other fraudulent activities. Therefore, it is crucial for affected individuals to take immediate steps to protect their information.

Steps to Take if You Are Affected

1. Monitor Your Accounts: Regularly review your bank, credit card, and other financial statements for any unauthorized activity.
2. Credit Monitoring: Consider enrolling in a free credit monitoring service. Greylock McKinnon Associates is offering affected individuals complimentary access to Experian IdentityWorks for 12 months. You can enroll by visiting Experian IdentityWorks and using the provided activation code.
3. Place a Credit Freeze: This prevents creditors from accessing your credit report, which can stop new account openings in your name. Contact each of the three major credit bureaus to place a freeze:
1. Equifax
2. Experian
3. TransUnion

1. Set Fraud Alerts: Place an initial or extended fraud alert on your credit reports to warn creditors that you may be a victim of identity theft.
2. Report to Authorities: If you suspect identity theft, file a report with your local law enforcement, and consider contacting the Federal Trade Commission through their identity theft reporting website, IdentityTheft.gov.

Additional Resources and Assistance

For further assistance and to learn more about protecting yourself from identity theft, you can visit the official pages of the state Attorney Generals where the breach was reported:

• Maine Attorney General's Office
• Texas Attorney General's Office
• California Attorney General's Office