Employee profit administration firm Verisource Services Warning Warning that a data violation exposed the personal information of four million people.
Verisource is a Texas-based employee profit administration and HR outsourcing solution provider with diverse customers across America
The firm has initiated data violation notifications to impress the affected persons about a cybercity incident in February 2024, but took them to April 2025 to evaluate its impact.
According to Verisource investigation, the incident highlighted sensitive information to external danger actors.
“On February 28, 2024, VSI became aware of unusual activity, which disrupted access to certain systems,” written in the notice of the firm shared with the authorities.
“On Discovery, VSI immediately took steps to secure their network and to check a major, independent digital forensic and event reaction firm what happened and whether any sensitive data could be affected.”
“Later investigation revealed that some personal information could be obtained on February 27, 2024 or without an Authority by an unknown actor.”
The process of determining which information was exposed to their information as a result of this violation, was concluded only on April 17, 2025, and a data notices were broadcast on 23 April.
Shared with sample verissors Office of Attorney General of MainPotentially affected data types include the full name, address, date of birth, gender and social security numbers (SSN) of an employee.
Verisource now provides twelve -month credit monitoring, identity protection, and identity restoration services for those affected.
It should be clarified that Verisource tried to inform the already affected persons, sending letters to 55,000 people in May 2024 and another 112,000 in September 2024. However, these figures are a total of 4,000,000.
If you have received a notification from Verisource, even if it is late late, it is important to take advantage of the credit and identity security service introduced and be cautious to the fishing attacks as soon as possible.
Bleepingcomputer has not found any verisource entries on ransomware forcibly recovery portals, so the exact nature of cyber security occur is not clear.
