Agriculture provider Monsanto has admitted to a breach of its servers, affecting 1300 farmers, with some credit card information leaked.
A letter dated 14 May from the company’s Precision Planting unit to the Office of the Attorney General in Baltimore warned that a number of citizens in the area had been affected by the breach.
The breach was detected on 27 March, when Monsanto uncovered unauthorised access to its systems from an outside party, who compromised files on the affected servers with personal information, including customer names, addresses, tax identification numbers, social security numbers and in some cases financial account information.
Some human resources data was stored on the servers too, including tax forms that contained employee names, addresses and social security numbers and some driver’s license numbers.
“We believe this unauthorized access was not an attempt to steal customer information; however, it is possible that files containing personal information may have been accessed and therefore we are making this notification,” said Reuben Shelton, senior counsel for Monsanto, in the letter.
“The incident has been contained and we have partnered with a leading forensics firm to understand and remediate this issue. In addition, we have asked the Federal Bureau of Investigation for assistance.
“We are not aware of any misuse of any information from this incident, but we are notifying all of the affected individuals and providing them with free one-year membership of credit monitoring and identity theft insurance.”
On 24 May, an Anonymous group called Operation Green Rights claimed it had attacked Monsanto and a range of other firms in an effort to shine a light on what it called the “polluting and contaminating” of natural resources.
Later in the month, the group said: “ We have found many confidential documents within an account of a former Monsanto employee.
“Therefore, we are following up by obtaining archives from two other Monsanto subsidiaries and are investigating further.”