OmniVision, a California-based imaging sensors manufacturer, has issued a warning following a data breach caused by a Cactus ransomware attack. The breach occurred between September 4 and September 30, 2023, compromising personal information. In response, OmniVision launched a comprehensive investigation with the assistance of cybersecurity experts and notified law enforcement authorities.
The investigation revealed that an unauthorized party accessed certain systems and stole personal information between the aforementioned dates. Although the specific data compromised has been redacted from the notification, the breach included sensitive documents such as passport scans, nondisclosure agreements, contracts, and other confidential documents. The Cactus ransomware gang, responsible for the attack, claimed the breach and released all stolen data in a ZIP archive available for free download on the dark web.
OmniVision has taken proactive measures to enhance its security posture and detect suspicious activity faster. Additionally, the company is offering affected individuals 24-month credit monitoring and identity theft restoration services as part of their response to the breach. Recipients of the notice are encouraged to enroll in these services and remain vigilant against potential fraudulent activity, regularly reviewing credit reports and account statements, and promptly reporting any unusual behavior to their financial institution.
