- Set Forth confirms that there was a data breach in May 2023
- About 1.5 million people were affected by the incident
- Set Forth offers 12 months of identity theft protection
US debt servicing company Set Forth has confirmed a data breach in which sensitive information about more than a million people was stolen.
In a data breach notification letter sent to affected customers, the company said it identified “suspicious activity” on its systems on May 21, 2024.
After implementing incident response protocols and bringing in third-party forensic experts to investigate the incidents, the company determined that certain personal information of its customers, as well as their spouses, co-applicants or family members, had been stolen.
Defending the property
The data stolen in the attack includes people’s names, postal addresses, dates of birth and social security numbers. In a subsequent filing with the Maine Attorney General’s office, Set Forth confirmed that 1.5 million people were affected by this breach.
At the time of writing, there was no information about who might have stolen the archives. No threat actors have yet taken responsibility for the intrusion.
To prevent similar incidents from happening in the future, Set Forth has outlined a number of implementations, including improved endpoint monitoring, a global password reset, and additional security measures. Additionally, the company is now offering 12 months of identity theft protection to affected individuals through Cyberscout.
“Again, at this time there is no evidence that your information has been misused. However, we encourage you to make the most of this service offering,” Set Forth concludes in his letter.
In the meantime, several law firms have started investigating the case to see whether there are grounds for a class action lawsuit.
Via Cyber news