Major breach at American debt services firm exposes data of over a million customers
Set Forth reportedly lost sensitive information on many customers
- Set Forth confirms suffering a data breach in May 2023
- Roughly 1.5 million people were affected by the incident
- Set Forth offers 12 months of identity theft protection
American debt services company Set Forth has confirmed suffering a data breach incident in which sensitive information on more than a million people was stolen.
In a data breach notification letter sent to affected customers, the company said it identified “suspicious activity” on its systems on May 21 2024.
After implementing its incident response protocols, and engaging third-party forensic experts which investigated the incidents, the company determined that some personal information from its customers, as well as their spouses, co-applicants, or dependents, was stolen.
Defending the premises
The data stolen in the attack includes people’s names, postal addresses, birth dates, and social security numbers. In a subsequent filing with the Office of the Maine Attorney General, Set Forth confirmed that 1.5 million people were affected by this breach.
At press time, there was no information on who might have stolen the archives. No threat actors have yet assumed responsibility for the break-in.
To prevent similar incidents from happening in the future, Set Forth outlined a number of implementations, including enhanced endpoint monitoring, a global password reset, and additional security controls. Furthermore, the company is now offering identity theft protection services for affected individuals for 12 months, through Cyberscout.
“Again, at this time, there is no evidence that your information has been misused. However, we encourage you to take full advantage of this service offering,” Set Forth concluded in its letter.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
In the meantime, multiple law firms have started looking into the matter, to see if there is grounds for a class-action lawsuit.
Via Cybernews
You might also like
- Halliburton hit by cyberattack disrupting operations
- Here's a list of the best firewalls today
- These are the best endpoint protection tools right now
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.