A rack of computer servers. (Mark Henninger/Imagic Digital)

Econsult Solutions, an economic analysis and consulting company whose clients include the City of Philadelphia, Pew Charitable Trusts, and other major institutions in the region, has reportedly suffered a data breach that exposed employees’ financial information to hackers. 

According to internal messages shared with Billy Penn, the company’s data is being held for ransom. 

Current Econsult employees appear to have received an email from management about an “IT incident” that exposed the company’s data, including some workers’ 2022 W-2, with their social security number included, per the email.

It’s currently unclear whether data generated through the company’s many partnerships — including with city and state government — has been exposed in the ransomware attack. 

Wendy Gabriele, Econsult’s chief administrative officer and treasurer, said she couldn’t get into specifics due to the company’s ongoing investigation, but shared the following statement:

“Earlier this month, ESI discovered a cybersecurity incident that temporarily impacted some of our network systems. We launched an investigation and are working diligently with the assistance of external experts to identify the nature and scope of information that may have been involved. 

ESI takes data security and the protection of all data in our possession very seriously. We are in the process of providing appropriate notice to all clients and potentially affected individuals as we learn additional information.”

The U.S. Cybersecurity and Infrastructure Security Agency has noted that this kind of cyberattack is on the rise and becoming more sophisticated. 

A 2022 report from the agency describes trends among ransomware hackers, including an increased emphasis on phishing, exploiting cloud services, sharing victim information with other hackers, and targeting mid-size companies instead of massive firms. 

It isn’t known how many Econsult employees’ information was affected in the current attack.

The City of Philadelphia is one of Econsult’s clients and was advised of the breach, according to city spokesperson Sarah Peterson, who noted that the information used to generate reports for the city is all publicly available. 

“Econsult notified the city on June 27, 2023, regarding potential exposure,” Peterson said. “Econsult plans to keep the city posted as progress continues to fully resolve this matter.”

Here’s what else we know.

What is Econsult?

Formed in 1979, Econsult Solutions was originally focused on providing expert testimony and litigation support on economic issues, according to the firm’s website, from employment disputes to damages analysis in personal injury and wrongful death cases. 

Then came a pivot away from the courtroom toward consulting, research, and policy analysis, per the site. Quantitative and qualitative risk assessment, scenario analysis, market research, demographic analysis, and more now fall under the company’s purview. 

Prominent clients include Harris Blitzer Sports Entertainment (majority owners of the 76ers), SEPTA, PennDOT, the City of Newark, and Amtrak, among others. 

So the data is being held for ransom?

When Econsult management alerted workers to the situation, according to screenshots shared with Billy Penn, they noted that the hackers have “put a clock” on the information they have before it is released to unsavory parts of the internet. As of the sending of the email, the firm had 12 days to pay the ransom, management told recipients. 

That makes this a typical ransomware scenario, when hackers steal critical information, prove they have it to the victim, and then offer it back to them for a fee.

Cybersecurity experts are predicting ever increasing damage costs from ransomware in the coming years as the practice has grown sharply, particularly since 2021. 

What happens next?

That remains to be seen, but Econsult is working with a cyber security company and has already moved to protect exposed workers, the email to staff said. 

A credit monitoring service will be provided to impacted workers at no extra cost, according to Econsult’s internal communications.

Jordan Levy is a general assignment reporter at Billy Penn, always aiming to help Philadelphians share their stories. Formerly, he has worked at Document Journal, n+1 Magazine, and The New Republic. He...