"Lighting Giant Acuity Brands Discloses Two Data Breaches"

Lighting and building management giant Acuity Brands has recently publicly disclosed two data breaches it suffered in recent years, including one that may have involved ransomware.  The Atlanta, Georgia-based firm employs roughly 13,000 people and has operations in North America, Europe, and Asia.  Acuity Brands said it became aware of unauthorized access to its systems and data theft in early December 2021.  The investigation into the incident revealed a separate, unrelated breach that occurred in October 2020, which also involved attempts to copy files from compromised systems.  The company stated that an investigation revealed that the information compromised in the two incidents belonged to current and former employees and members of Acuity’s health plan.  There is no indication that customer information was stolen.  The information affected included name, Social Security number, Acuity health plan information, driver’s license number, financial account information, limited health information, and other details related to employment.  Acuity stated that they first informed customers, partners, and others about the breach in December 2021, and the new notification is a follow-up to notify impacted associates and provide them with the necessary resources.  Acuity Brands may be facing legal action as a result of these security incidents.  A California-based class action law firm issued a press release on Wednesday, urging impacted individuals to get in touch.

SecurityWeek reports: "Lighting Giant Acuity Brands Discloses Two Data Breaches"