Electronics and home appliance insurance provider Asurion paid $300,000 ransom to an extortionist after private information of employees was stolen.
The extortionist claimed to have stolen the data containing not just employee information of Asurion but also its millions of customers. According to Tennessean, the FBI has identified the suspect as Nicholas Burks, a former employee at the company who was fired last March.
According to the court records, the suspect claimed in an email to have more than 100 terabytes sensitive data of Asurion. This data contains the social security numbers, addresses, phone numbers and account numbers of employees and Asurion customers.
The suspect was caught Tuesday morning but is still not charged with a crime. The FBI is still conducting an investigation to get more evidence from the suspect.
According to the company’s spokeswoman, they still cannot provide any information as the case is still active. However, Asurion already alerted its employees about the data breach.
Spokeswoman Nicole Miller said, “At this point, there is no evidence to suggest that sensitive customer data has been compromised. Based on our review, the person had limited information regarding a small number of employees, as well as general company information. We are supporting our employees through identity theft protection services.”
Burks threatened the seven members of Asurion executives on email to leak the information to Asurion’s rival companies if he was not paid $350k ransom in Bitcoin within the first 24 hours. According to the court records, Asurion paid the amount in instalments earlier this August. The company paid $50,000 a day to stall the suspect from conducting an internal investigation and contacting the FBI for help.
Upon investigation, Asurion was able to detect a missing corporate laptop with its last known login traced back to Burks. The company also found out that Burks also stole four external hard drives together with the laptop and even tried to access the corporate network before being fired.
In the email, the suspect said that his only motivation was for money. The FBI applied for a search warrant to Burks car and home to recover copies of the data from his computer. No additional information was provided by the FBI regarding their application.
Asurion is headquartered in Nashville with more than 800 employees. Recently, it has doubled its Houston workforce, creating more than 430 jobs.
