Sequoia breach sees hackers access customer Social Security numbers and COVID-19 test results

Huge Sequoia data breach leaks personally identifiable data

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

HR and payroll giant Sequoia has said that a data breach exposed critically sensitive information on its users, including salary and benefit information, SSNs and other government-issued IDs, and even COVID-19 data such as vaccination status.

In adata breach noticeto the California attorney general’s office, the company, which has proven popular with SMEs and startups, explained it, “recently became aware that an unauthorized party may have accessed a cloud storage system that contained personal information provided in connection with the Company’s services to its clients, including your employer or, if you are a dependent, your family member’s employer.”

Other data that could be at risk includes names, dates of birth, genders, marital status, and contact information such as work email addresses.

Sequoia data breach

According to the company’s findings - and those of its partners in the investigation includingDellSecureworks - no evidence of malicious tools orransomwarewas found. It seems that the data was exposed between September 22 and October 6, 2022, and was read-only, suggesting that the data should remain untampered with.

Here’s our pick of the best endpoint protection software>A third of all internet users have been victims of a data breach>WhatsApp data breach sees nearly 500 million user records up for sale

In an effort to rectify this significant mishap, Sequoia has extendedID theft protectionand fraud detection service Experian IdentityWorks to its users and their dependents for 36 months.

Furthermore, the company is urging affected users to monitor their credit accounts with reporting companies like Equifax, Experian, and TransUnion, and to consider placing a pin-protected credit freeze to prevent the unauthorized opening of any further accounts in their names.

TechRadar Pro has reached out to Sequoia for further information about the case, including how access to the database was obtained.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the decarbonisation of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

Arcane season 2 act 1 ending explained: who is [SPOILER], when is episode 4 coming out, and your biggest questions answered