Powered by MOMENTUM MEDIA
cyber daily logo
Breaking news and updates daily. Subscribe to our Newsletter

1.5m exposed in US financial services data breach

About 1.5 million people have had their data potentially compromised after threat actors breached the systems of US financial services and debt relief firm Set Forth (Forth).

user icon Daniel Croft
Wed, 13 Nov 2024
1.5m exposed in US financial services data breach
expand image

On 21 May 2024, Forth identified a security incident involving suspicious activity from unauthorised users on its network. The company launched an investigation and launched incident response protocols.

“The investigation determined, on July 1, 2024, that the unauthorised user gained access to documents on their systems,” said Forth in a notice on its website.

“The review of potentially impacted documents determined that the following data elements may have been contained in the documents: names, Social Security numbers, dates of birth, and addresses.”

============
============

According to a data breach notification submitted to the Office of the Maine Attorney General, a total of 1.5 million people were affected.

In a notice sent to customers, Forth said that customers for its business-to-business partner Centrex were also affected.

“Receipt of this letter may be confusing for those who have not been direct customers of Forth. You may be receiving this letter if you were a customer or have done business with Centrex, Inc,” it said.

There is currently no evidence of data being misused; however, Forth has implemented a number of security protocols to prevent a repeat incident.

“We deployed enhanced endpoint monitoring software, performed a global password reset, and implemented additional security controls. In addition to these measures, we are offering identity theft protection services through Cyberscout for 12 months,” Forth told customers.

Cyber Daily has yet to observe a threat actor taking responsibility for the incident.

“Forth and Centrex take the need to protect the privacy and security of all information in their respective care very seriously, and deeply regret any inconvenience or concern that this matter may cause,” Forth said.

According to CyberNews, two law firms – Milberg Coleman Bryson Phillips Grossman, LLC and Shamis & Gentile P.A. – are investigating whether or not a class action lawsuit can be launched in response to the incident.

Daniel Croft

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

newsletter
cyber daily subscribe
Be the first to hear the latest developments in the cyber industry.