Bradford-Scott says May data breach compromised the data of over 88k individuals

Indiana-based software solution provider Bradford-Scott said a cyber attack that occurred in May 2023 compromised the sensitive personal information of more than 88,000 individuals.

 

Based in Indianapolis, Indiana, Bradford-Scott Data Corporation provides core data processing systems to several credit unions and organises various training programs. It also provides computer peripheral equipment and software packages, as well as renders system installation services to customers in the United States.

 

In a recent filing with the Office of the Maine Attorney general on behalf of Community Credit Union of New Milford, Bradford-Scott said that in July last year, it identified unusual activity in its internal network and immediately launched an internal investigation, with assistance from third party cyber security experts, to understand the nature and scope of the incident.

 

“Through this investigation, we learned that certain files were likely copied from our network between May 19 and May 28, 2023. We then began a time-intensive and detailed review of all files determined to be affected by this event to determine what information was present in the files and to whom it related,” the company said.

 

It said the stolen data included the names and other personal identifiers along with Social Security Numbers. The company’s filing with the state regulator also revealed that at least 43,414 individuals associated with Community Credit Union of New Milford were impacted by the data security incident.

 

“Bradford-Scott takes this event and the privacy of information in our care seriously. Upon discovery of the event, we conducted a diligent investigation to confirm the full nature and scope, took prompt steps to ensure security of our network environment, conducted a comprehensive review of the information potentially affected, and reported this event to federal law enforcement.

 

“Further, as part of our ongoing commitment to the privacy and security of information in our care, we implemented multiple additional security measures and safeguards to further enhance our existing policies and processes. In addition to notifying you, we will be notifying applicable state and federal regulators as well as the consumer reporting agencies,” Bradford-Scott added.

 

While the software solution provider did not find any evidence of the compromised data being misused, the possibility for the same cannot be ruled out. The company has urged all affected individuals to remain vigilant, review their credit reports and financial statements on a regular basis, and report suspicious transactions to relevant law enforcement authorities.

 

Bradford-Scott is also offering one year of complimentary credit monitoring and identity theft protection services through IDX to all the individuals affected by the data breach.

 

Earlier this month, Bradford-Scott also filed a data security incident notice with the Maine state regulator on behalf of Wellness Federal customers. According to the filing, as many as 41,968 individuals associated with Wellness Federal Credit Union were impacted by the same data security incident.