The Insight Meditation Society, Inc. (IMS) has recently informed individuals about a data incident that potentially involved their personal information. On March 23, 2024, IMS discovered that data from their systems had been published on the Internet. This led IMS to quickly initiate an investigation to determine the full scope of the incident. The investigation revealed that an unauthorized individual had downloaded a single file from the IMS web server, which contained applicant information but did not include any payment details. Importantly, IMS confirmed that no other computers, servers, or systems were compromised.
A thorough review of the affected data was conducted by a data review team and completed on May 30, 2024. This review identified that personal information was indeed part of the downloaded file. IMS undertook further efforts to confirm the identities and address information of affected individuals to ensure proper notification. By June 13, 2024, IMS had completed these efforts, although there was no evidence suggesting that the information had been misused or that any attempted misuse had occurred.
The type of personal information potentially involved includes names and additional data elements, but it is important to note that payment card information was not included in the breach. IMS has assured affected individuals that the scope of the data breach was limited to applicant information and did not compromise any sensitive financial details.
In response to the incident, IMS has worked diligently to address and remedy the issue. They collaborated with their web developer to rectify the vulnerability in their web server and enhance overall security measures. IMS remains committed to safeguarding personal information and has taken all necessary steps to prevent such incidents in the future.
Reference:
