IMA Diligence Services says attackers stole sensitive personal data from a legacy server managed by a third party, affecting 525,306 people. The company says the intruders accessed the server between December 8 and December 16 and exfiltrated files containing names, addresses, Social Security numbers, driver's license numbers, financial account and credit card data, medical and health insurance information, and in some cases passport and taxpayer ID numbers. SecurityWeek says the Genesis ransomware group previously claimed the attack and said it stole 700 GB of data.
Why it matters: This is a high-impact breach because it exposed the kinds of data that can be used for identity theft, fraud, and medical or financial scams. Affected people should watch for the company's notice, enroll in credit monitoring, and consider fraud alerts or account monitoring, while defenders should review third-party legacy systems and data-retention exposure.
Ionut Arghire
2026.06.03
100% relevant
No existing tracked story covers this specific IMA Diligence Services breach event; this article appears to be the first concrete disclosure with victim count, data types, timeline, and a possible Genesis ransomware link.
← Back to all stories