AllTrust breach exposes data of over 160,000 people

Canadian software acquisition and investment firm Valsoft Corporation said a data security incident it suffered last year compromised the sensitive personal information of more than 160,000 individuals.

 

Headquartered in Montreal, Canada, Valsoft Corporation, operating under the name AllTrust, provides long-term business development by maintaining the identity and operations of acquired companies, while offering strategic resources to foster their growth.

 

In a data security incident notice filed with the Office of Maine Attorney General, AllTrust said that on February 14, 2024, it detected unusual activity within its internal network. The company immediately launched an investigation with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

“The investigation determined that an unauthorised actor accessed our network between February 12, 2024, and February 15, 2024, and took certain files within our network during that time,” AllTrust said.

 

The compromised data included names and other personal identifiers along with Social Security numbers. AllTrust, in its filing with the Maine state regulator, added that it has identified at least 161,359 individuals impacted by the incident.

 

“Upon becoming aware of this incident, we immediately took steps to confirm the security of our systems and to determine what information was potentially impacted. We implemented additional security measures, and we are reviewing existing security policies to further protect against similar incidents moving forward,” the company added.

 

AllTrust has advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and the state attorney general.

 

It has also offered one year of complimentary identity protection and credit monitoring services through IDX to all affected individuals.

 

At the time of publishing, no known hacker group claimed responsibility for the cyber attack on AllTrust. The company also did not share details on who was behind the attack, how much data was compromised, or whether it has received a ransom demand.