Belden, the manufacturer of specialty networking solutions, has released an update regarding a November 2020 security incident in which a threat actor compromised a limited number of Belden’s file servers and gained unauthorized access to the company’s data.
At the time, Belden said that the intruders may have copied some “personal information of current and former employees and limited company information regarding some business partners.” The company described the incident as a “sophisticated cyberattack”
Now, the manufacturer revealed that additional data was accessed during the November 2020 data breach.
“In addition to containing personal information of some current and former employees, we subsequently learned that the impacted servers also contained some personal information of some spouses, dependents and relatives of some current and former employees. Further, on or after February 9, 2021, we learned that information exposed in the incident also included health-related information,” the company said in a recent statement.
The health-related data included individuals’ names, gender and benefits information, such as their UMI (member) number, group number, coverage category, primary source of coverage, the effective date of coverage, additional sources of coverages, the effective date of any additional coverage, their relationship to a Belden employee and other benefits information.
Belden said it has no reason to believe that any specific information related to any specific health conditions or diagnostic information was compromised in the incident.
“As we have previously stated, our investigation into this incident is ongoing. However, we are confident that we have stopped further unauthorized access of personal data on our servers. In addition to notifying law enforcement and regulatory authorities, we are continuously monitoring for any suspicious activity on our systems and have deployed additional resources to reinforce the security of our systems,” the company said.