A filing with the Maine Attorney General’s Office, which requires organizations to disclose the number of individuals impacted by cybersecurity incidents, revealed that a company operating gas stations in Texas has suffered a data breach affecting more than 377,000 individuals.
The disclosure was made by Gulshan Management Services, Inc., apparently associated with Gulshan Enterprises, which manages roughly 150 Handi Plus and Handi Stop gas stations and convenience stores in Texas.
According to the filing with the Maine AGO, Gulshan detected unauthorized access to its IT systems in late September.
An investigation showed that the attacker had access to the company’s systems for 10 days before being detected, gaining entry following a successful phishing attack.
Before it was expelled from Gulshan’s network, the threat actor stole personal data and deployed ransomware that encrypted files on the company’s systems.
The probe found that personal information such as names, contact details, SSNs, and driver’s license numbers was compromised.
No known ransomware group has publicly claimed responsibility for the attack on Gulshan.
While the absence of a leak site posting can sometimes suggest a ransom has been paid, Gulshan’s disclosure that it restored systems using “known-safe backups” typically indicates the company chose to rebuild rather than negotiate a payment.
Related: Dozens of Major Data Breaches Linked to Single Threat Actor
