Employee benefit administrative services provider VeriSource Services is notifying four million individuals that their personal information was stolen in a year-old hack.
The incident, the company says, was discovered on February 28, 2024, one day after a threat actor exfiltrated data from its systems.
A review of the compromised data was concluded on August 12, 2024, and the company started notifying the potentially impacted individuals a week later.
The stolen information, VeriSource says, belonged to employees and dependents of companies using its services, and it has been working with these companies to “collect the necessary information to notify additional individuals affected by this incident”.
“That process was completed on April 17, 2025. We then took steps to notify impacted individuals of the incident as quickly as possible,” VeriSource notes in a data breach notice.
The potentially compromised information, the company says, differs by individual, but generally includes names, addresses, dates of birth, gender information, and Social Security numbers.
VeriSource says it is not aware of any of the stolen information being misused, but it is providing the potentially affected individuals with 12 months of free credit monitoring and identity protection services.
“We suggest that you review your debit and credit card statements carefully in order to identify any unusual activity. If you see anything that you do not understand or that looks suspicious, you should contact the issuer of the debit or credit card immediately,” the company’s notice reads.
Last week, the benefits administrator notified the Maine Attorney General’s Office that four million individuals were impacted by the incident.
Founded in 1997 and based in Houston, Texas, VeriSource provides employee benefits administration and HR outsourcing solutions and services, including data management, employee enrollment, billing, ACA reporting, dependent verification, FMLA administration, and more.
Related: African Telecom Giant MTN Group Discloses Data Breach
Related: Blue Shield of California Data Breach Impacts 4.7 Million People
Related: 5.5 Million Patients Affected by Data Breach at Yale New Haven Health
Related: Ransomware Group Claims Hacking of Oregon Regulator After Data Breach Denial