Tacoma, Wash.-based MultiCare Health System said that some of its employees' personal data was scooped up in a ransomware attack against third-party printing vendor Kaye-Smith.
MultiCare was notified Sept. 30 that the names, addresses and Social Security numbers for "a number" of current and former employees were stolen in the cyberattack, the health system said in an Oct. 11 news release.
Kaye-Smith had confirmed in early June that it was the victim of the ransomware event and took steps to resecure and monitor for any exposure of the data, the health system said. The vendor, which prints W-2 and 1099 forms, has had no evidence that any of the information has been made public. The company will begin notifying affected MultiCare employees this week and offer them two years of free credit monitoring.