KemperSports reports a data breach impacting 62,000 individuals

KemperSports, a leading golf course management and hospitality company, has revealed a significant data breach impacting the personal information of tens of thousands of individuals.

The company informed the Maine Attorney General’s Office that it discovered suspicious network activity on April 1, 2024, which led to an investigation confirming a cyberattack. The breach allowed a threat actor to access systems containing sensitive personal data, including names and Social Security numbers.

The company disclosed that more than 62,000 individuals were affected by the incident, with most of the compromised data involving current and former employees. KemperSports employs over 7,500 people across 30 states and manages a portfolio of more than 140 locations.

Despite the breach, KemperSports assured impacted individuals that there is no evidence to suggest the stolen information has been used for identity theft or fraud. To mitigate potential risks, the company offers those affected one year of free credit monitoring and identity restoration services.

While no ransomware group has claimed responsibility for the breach, the possibility remains that it could be a ransomware attack. This is the second time KemperSports has reported a data breach recently; last year, the company disclosed unauthorized access to two employee email accounts containing sensitive information. KemperSports works closely with authorities to address the breach and ensure enhanced security measures.