A union in Missouri that represents workers from businesses such as Schnucks, Dierbergs and Shop ‘n Save said this week that the union pension plan fell victim to a ransomware attack earlier this year, which may have leaked the private information of current and former workers.
Ransomware is a type of software made to hold a computer system hostage, blocking or limiting access to files and often times demanding a ransom to be paid. United Food and Commercial Workers (UFCW) Local 655 in Ballwin, Mo. said the attack happened on or around July 21.
According to Collin Reischman, communications director for the union, the UFCW pension fund is considered “a separate entity” from UFCW Local 655. He said UFCW Local 655 was apparently alerted to the attack when the pension fund learned of it earlier this year.
UFCW said it launched an investigation with third-party forensic experts, but found “no evidence that any sensitive information was accessed or acquired.” An investigation showed that “an unauthorized user” gained access to its server on July 14, a week before the ransomware attack.
As a precaution, letters were sent out this month to current and former participants of the union pension plan, notifying them of the attack. The union said information that may have been “potentially affected” included individuals’ names, birth dates, Social Security numbers as well as bank account information “for a subset of individuals.”
In addition, UFCW said it is offering affected individuals access to 12 months of credit monitoring and identity theft restoration services at no cost.
Anyone who believes they may have been affected is asked to call 1-855-366-0140. UFCW Local 655 said on Facebook and Twitter that those who received a letter from the pension plan and have questions may call 636-736-2777.