TZUTC: -0500   
   MSGID: 1077.consprcy@1:2320/105 2c776def   
   PID: Synchronet 3.20a-Linux master/acc19483f Apr 26 202 GCC 12.2.0   
   TID: SBBSecho 3.20-Linux master/acc19483f Apr 26 2024 23:04 GCC 12.2.0   
   BBSID: CAPCITY2   
   CHRS: ASCII 1   
   VeriSource bumps up potential victim count of data breach to 4 million   
      
   Date:   
   Tue, 29 Apr 2025 15:00:00 +0000   
      
   Description:   
   The company lost sensitive data, including Social Security numbers.   
      
   FULL STORY   
      
   Four million people may have had their sensitive data stolen in the    
   Verisource data breach that happened last year. The company confirmed the    
   news in a new filing with the Office of the Maine Attorney General, as well    
   as in a data breach notification letter sent to affected individuals.    
      
   VeriSource Services is a Houston-based employee benefits administration   
   company, with clients in different industries in the US, including    
   healthcare, education, and the public sector.    
      
   It recently started sending out data breach notification letters, in which it   
   said that it became aware of unusual activity that disrupted access to    
   certain systems, on February 28, 2024. The subsequent investigation, which   
   concluded on April 17, 2025, determined that threat actors stole certain   
   personal information the day before being spotted.    
      
    Unknown attackers    
      
   The information stolen includes peoples names, addresses, dates of birth,   
   gender information, and/or Social Security numbers (SSN). Please note that    
   VSI has no evidence of any actual or suspected misuse of information involved   
   in this incident, the company said.    
      
   It is also worth mentioning that no one has so far assumed responsibility for   
   the attack and the data has not surfaced anywhere on the dark web. Therefore,   
   it is difficult to determine if this was a simple smash-and-grab, or a   
   ransomware attack.    
      
   While the letter didnt say how many people were affected by the breach, a   
   listing on the website of the Maine Attorney Generals Office puts the number   
   of victims at four million, up from 55,000 in May 2024, and another 112,000    
   in September 2024.    
      
   VeriSource said that it offers 12 months of free credit monitoring, identity   
   theft protection, and identity restoration services to the victims. Although   
   it might sound too little too late, the fact that the data hasnt surfaced yet   
   could mean the offering might make sense.    
      
    Via BleepingComputer   
      
   ======================================================================   
   Link to news story:   
   https://www.techradar.com/pro/security/verisource-bumps-up-potential-victim-co   
   unt-of-data-breach-to-4-million   
      
   $$   
   --- SBBSecho 3.20-Linux   
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)   
   SEEN-BY: 105/81 106/201 128/187 129/305 153/7715 154/110 218/700 226/30   
   SEEN-BY: 227/114 229/110 111 114 206 300 307 317 400 426 428 470 664   
   SEEN-BY: 229/700 705 266/512 291/111 320/219 322/757 342/200 396/45   
   SEEN-BY: 460/58 712/848 902/26 2320/0 105 3634/12 5075/35   
   PATH: 2320/105 229/426