Illinois-based physical security company Andy Frain Services revealed on Friday that a data breach suffered last year impacts more than 100,000 people.
Andy Frain provides security services for major sports arenas, event venues, universities, commercial businesses, airports, and organizations in the transportation industry.
The data breach notification letter sent by the company to impacted individuals does not contain any technical details on the incident and it’s unclear exactly what type of information has been compromised.
However, the information is likely sensitive considering that impacted individuals are being offered 12 or 24 months of credit monitoring and identity restoration services.
Andy Frain told the Maine Attorney General’s Office that the breach was discovered in October 2024 and that more than 100,000 people were impacted.
The Black Basta ransomware group took credit for the Andy Frain hack in November 2024, claiming to have stolen 750 Gb of files, including ones related to accounting, HR, and legal departments.
The cybercrime group has not announced any new victims for several months. Experts said it went underground, but the hackers are expected to return, likely in a different form.
Related: 437,000 Impacted by Ascension Health Data Breach
Related: US Deportation Airline GlobalX Confirms Hack
Related: 160,000 Impacted by Valsoft Data Breach
Related: Company and Personal Data Compromised in Recent Insight Partners Hack