Massive Data Breach at Employee Benefits Company Exposes 4 Million Records
A significant data breach at VeriSource Services, an employee benefits company based in Houston, Texas, has potentially compromised the personal identifiable information of 4 million individuals. The breach, first detected on February 28, 2024, involved unauthorized access to sensitive data including names, addresses, dates of birth, genders, and Social Security numbers.
VeriSource initially reported that 112,000 people were affected when they first disclosed the breach in September 2024. However, a more comprehensive review concluded earlier this year revealed the much larger scope of the incident. The company has begun notifying affected individuals who currently work for or were previously employed by its clients.
What Happened?
According to VeriSource’s notice to the Maine Attorney General’s office, the breach was discovered on February 28, 2024. An independent cybersecurity firm was immediately engaged to conduct a forensic investigation, and steps were taken to secure the company’s environment. VeriSource has since implemented additional security measures to prevent similar incidents.
Protecting Yourself
If you’re among those affected, VeriSource is offering 12 months of identity theft protection and credit monitoring services through IDX. To enroll, you can call 1-877-520-4007 or visit the designated webpage using the enrollment code provided in your breach notice.
Here are key steps to take if your data was compromised:
- Sign up for the free identity theft protection offered by VeriSource through IDX for one year. After the year ends, consider continuing with a service like Aura, which CNET recommends.
- Scan your credit reports from Equifax, Experian, and TransUnion for any inaccuracies. You can obtain free credit reports at AnnualCreditReport.com.
- Consider freezing your credit to prevent unauthorized access. This will also require you to unfreeze your credit when applying for legitimate credit inquiries.
- Alternatively, request a fraud alert on your credit reports for up to one year. This requires creditors to verify your identity before extending credit.
Experts emphasize that while the breach is concerning, proactive measures can significantly reduce the risk of identity theft. “As soon as VSI discovered the incident, we took steps to secure our environment and enlisted a leading, independent cybersecurity firm to conduct a forensic investigation,” VeriSource stated in their letter to affected individuals.
By taking immediate action and remaining vigilant, you can protect yourself from potential fallout related to the VeriSource Services breach.
