General Electric (GE) has revealed that one of its service providers has fallen victim to a data breach which resulted in the personally identifiable information of current and former employees as well as beneficiaries being exposed online.
In a notice of data breach filed with the Office of the California Attorney General, the multinational company explained that Canon Business Process Services (Canon), a GE service provider, had one of its employee email accounts breached by an unauthorized party last month, saying:
“We were notified on February 28, 2020 that Canon had determined that, between approximately February 3 – 14, 2020, an unauthorized party gained access to an email account that contained documents of certain GE employees, former employees and beneficiaries entitled to benefits that were maintained on Canon’s systems.”
The documents obtained by the unauthorized party may have contained the names, addresses, Social Security numbers, driver’s license numbers, bank account numbers, passport numbers, dates of birth and other information of GE employees and their beneficiaries.
Service provider hack
According to the notice of data breach, GE’s systems were not affected by Canon’s security breach, though the company has indicated that it is taking preventative measures to prevent a similar incident from taking place in the future.
For the GE employees and subsidiaries affected, Canon is offering identity protection and credit monitoring services for two years at no cost through Experian. However, they’ll have to sign up by June 30th to take advantage of Canon’s offer.
GE has also set up a support hotline which affected individuals can call for more information on the incident.