Subj : VeriSource bumps up poten
To   : All
From : Mike Powell
Date : Wed Apr 30 2025 09:06 am

VeriSource bumps up potential victim count of data breach to 4 million

Date:
Tue, 29 Apr 2025 15:00:00 +0000

Description:
The company lost sensitive data, including Social Security numbers.

FULL STORY

Four million people may have had their sensitive data stolen in the
Verisource data breach that happened last year. The company confirmed the
news in a new filing with the Office of the Maine Attorney General, as well
as in a data breach notification letter sent to affected individuals.

VeriSource Services is a Houston-based employee benefits administration
company, with clients in different industries in the US, including
healthcare, education, and the public sector.

It recently started sending out data breach notification letters, in which it
said that it became aware of unusual activity that disrupted access to
certain systems, on February 28, 2024. The subsequent investigation, which
concluded on April 17, 2025, determined that threat actors stole certain
personal information the day before being spotted.

Unknown attackers

The information stolen includes peoples names, addresses, dates of birth,
gender information, and/or Social Security numbers (SSN). Please note that
VSI has no evidence of any actual or suspected misuse of information involved
in this incident, the company said.

It is also worth mentioning that no one has so far assumed responsibility for
the attack and the data has not surfaced anywhere on the dark web. Therefore,
it is difficult to determine if this was a simple smash-and-grab, or a
ransomware attack.

While the letter didnt say how many people were affected by the breach, a
listing on the website of the Maine Attorney Generals Office puts the number
of victims at four million, up from 55,000 in May 2024, and another 112,000
in September 2024.

VeriSource said that it offers 12 months of free credit monitoring, identity
theft protection, and identity restoration services to the victims. Although
it might sound too little too late, the fact that the data hasnt surfaced yet
could mean the offering might make sense.

Via BleepingComputer

======================================================================
Link to news story:
https://www.techradar.com/pro/security/verisource-bumps-up-potential-victim-co
unt-of-data-breach-to-4-million

$$
--- SBBSecho 3.20-Linux
* Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)

You are viewing proxied material from cvs.synchro.net. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.