The U.S. Atlantic States Marine Fisheries Commission (ASMFC) has disclosed a significant data breach affecting approximately 10,000 individuals, with a notable concentration of those impacted residing in Maine. This breach, attributed to a cyberattack by the 8Base ransomware group in April 2024, compromised a wide array of sensitive personal and financial information stored within ASMFC’s electronic systems. The incident, initially detected during routine security monitoring, prompted ASMFC to swiftly notify law enforcement and engage third-party cybersecurity experts to conduct a thorough investigation.
The breach timeline, outlined by ASMFC, indicates that the unauthorized access began around March 14, 2024, and was subsequently contained by April 6, 2024. During this period, hackers gained access to a company database containing extensive personal identifiable information (PII), including names, addresses, Social Security numbers, and financial records. ASMFC has assured affected individuals that while there is no current evidence of misuse, it is taking proactive steps to mitigate potential risks.
In response to the breach, ASMFC is offering affected users complimentary identity theft protection services. These services include 24 months of Credit and CyberScan monitoring, designed to detect any suspicious activity related to personal credit profiles, along with a $1,000,000 insurance reimbursement policy for identity theft-related expenses. Additionally, ASMFC is providing fully managed ID theft recovery services to assist individuals in reclaiming their identities should unauthorized use of their personal information occur.
The ASMFC, established to promote sustainable fisheries management along the Atlantic seaboard, emphasizes its commitment to safeguarding the privacy and security of stakeholders’ data. The incident underscores the ongoing cybersecurity challenges faced by organizations entrusted with managing sensitive information and highlights the critical need for robust cybersecurity measures and proactive breach response strategies. ASMFC continues to collaborate closely with law enforcement agencies and cybersecurity professionals to strengthen its defenses, enhance incident response protocols, and ensure the integrity and confidentiality of data entrusted to its care.
