Oldenburg Group Incorporated and Visa Lighting have informed individuals about a data security incident potentially affecting personal information. Between May 4 and May 5, 2024, the Company experienced a ransomware attack involving the Play ransomware group. This attack led to unauthorized access to their primary servers, which may have included personal information. Although it is not confirmed if personal information was exfiltrated, the Company is taking precautionary measures.
The investigation, which began shortly after the attack, revealed that the compromised data might include names, email addresses, addresses, dates of birth, Social Security numbers, driver’s license numbers, financial account information, tax information, medical details, and health insurance information. The Company has been working to rebuild its systems and identify potentially affected individuals, with an extensive search of impacted data.
To address the breach, the Company has engaged third-party forensics and IT services and outside counsel. They are enhancing their security protocols to prevent future incidents. Additionally, the Company is offering 12 to 24 months of credit monitoring and identity protection services through IDX Identity.
Individuals are advised to monitor their financial statements and credit reports for unauthorized activity. The Company has provided resources and guidance on how to protect personal information and enroll in the offered credit monitoring and identity protection services.