Recently, Optoma Technology, Inc. reported a data breach following a ransomware attack in which unauthorized parties were able to access the company’s computer system for a period of about ten days. According to Optoma, the breach resulted in the following types of information being compromised: names, Social Security numbers, driver’s license numbers, state identification numbers, financial account information, payment information, health insurance information, username and password. On May 24, 2022, Optoma filed official notice of the breach and sent out data breach letters to all affected parties.
If you received a data breach notification, it is essential you understand what is at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the Optoma Technology data breach, please see our recent piece on the topic here.
Additional Details About the Optoma Technology Data Breach
What we know about the Optoma data breach comes primarily from the company’s recent filing with various state attorneys general. It appears that, on May 1, 2022, Optoma first detected unusual activity on some of its computer systems. The company disconnected the affected devices from its network and launched an investigation into the incident.
Optoma notes that its investigation is still ongoing; however, the company has confirmed that it was the target of a ransomware attack. As a result of the attack, the unauthorized parties had access to certain files on the Optoma network between April 21, 2022 and May 1, 2022.
Upon discovering that sensitive consumer data was accessible to an unauthorized party, Optoma Technology then reviewed the affected files to determine exactly what information was compromised. While the company is still in the process of identifying all affected parties, it notes that the breached information may include an individual’s name, Social Security number, driver’s license or state identification number, government-issued identification card, financial account information or payment information, health insurance information, username and password.
On May 24, 2022, Optoma Technology sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
More Information About Optoma Technology, Inc.
Optoma Technology, Inc. is an electronic device manufacturer based in Fremont, California. The company specializes in creating visual displays, such as projectors, LED displays, and interactive flat panels. Optoma Technology is the U.S. headquarters for The Optoma Group, with continental headquarters also in Europe and Asia. Optoma Technology, Inc. employs more than 104 people and generates approximately $131 million in annual revenue.
What Is a Ransomware Attack?
As mentioned above, Optoma reports that the recent data breach was the result of a ransomware attack against the company. Ransomware attacks have become increasingly common in recent years. In fact, the number of ransomware attacks against U.S. companies more than doubled between 2020 and 2021.
In a typical ransomware attack, hackers install malicious software (or “malware”) on the victim’s device or computer network. This malware encrypts, or locks, the victim’s data on the device or network, so when the victim attempts to log in, they can’t. Instead, the victim is met with a message demanding they pay ransom in exchange for access to their device. The idea behind a ransomware attack is that the victim will pay to regain access to their computer or network.
However, more recently, hackers have started to rely on a more insidious version of the typical ransomware attack by threatening to publish data obtained from the compromised network on the Dark Web. If information is posted on the Dark Web, it is accessible to millions of people, most of which are looking for stolen data. Thus, from the hacker’s perspective, the victim’s fear of having their data posted on the Dark Web incentivizes them to pay the ransom because the risk of identity theft or fraud increases substantially once their information appears on the Dark Web.