Canada-based vertical market software (VMS) firm Valsoft Corporation (dba AllTrust) is notifying over 160,000 people that their personal information was compromised in a data breach.
The incident, discovered on February 14, involved unauthorized access to a non-production network of AllTrust subsidiary Aspire USA.
“Aspire’s internal security team identified an in-progress file transfer which they were able to interrupt mid-transfer,” the company says in a notification letter to the impacted individuals, a copy of which was submitted to the Maine Attorney General’s Office.
The attackers, the company says, had access to Aspire’s network between February 12 and February 15, and stole certain files during that time.
“While the investigation was able to confirm that certain systems were accessed, it was unable to confirm which specific files within those systems were actually accessed or taken. Aspire also believes their immediate actions stopped the activity in process and that there is minimal risk of harm to individuals,” AllTrust says.
However, the company determined that the impacted systems contained personal information such as names, driver’s license numbers, Social Security numbers, and financial account details.
“Please note that we are not aware of any information which has been subject to actual misuse as a result of this event, and we are notifying you out of an abundance of caution,” the company said in an initial notification letter sent on February 27.
This week, AllTrust told the Maine AGO that 161,359 people were affected by the incident and that it is providing them with 12 months of free credit monitoring services.
The company also notes that it has implemented additional security measures and is reviewing existing security policies, and that it has notified the relevant state regulators of the attack.
Related: Kelly Benefits Data Breach Impact Grows to 400,000 Individuals
Related: Ascension Discloses Data Breach Potentially Linked to Cleo Hack
Related: 4 Million Affected by VeriSource Data Breach
Related: African Telecom Giant MTN Group Discloses Data Breach
