BleepingComputer reports that U.S. securities lending platform EquiLend had its employees' data exfiltrated following a ransomware attack in January, which the LockBit ransomware operation has since claimed.
Information compromised in the attack included employees' personally identifiable information, including their names, birthdates, and Social Security numbers, according to breach notification letters sent by EquiLend, which is being managed by a consortium that includes Bank of America, JPMorgan, Goldman Sachs, Morgan Stanley, and other firms. While there has been no evidence indicating misuse of the stolen data, EquiLend employees have been given free identity theft protection services for two years. Such a disclosure comes more than a month after Equilend reported the complete restoration of all client-facing services after some of its systems have been taken down following the incident. EquiLend had also confirmed that none of its customers' data had been impacted by the incident.