Employee eligibility verification solutions provider Form I-9 Compliance has suffered a data breach and its impact is far bigger than initially believed.
Form I-9 Compliance assists customers in completing government-required Form I-9 documents, which are used to verify the identity and employment authorization of individuals hired in the United States.
In late May, the company started informing customers that someone had gained unauthorized access to its network in early February. The intrusion was detected on April 12 and some systems were shut down as part of the company’s incident response process.
Based on data provided by Form I-9 Compliance to the Maine Attorney General’s Office, when it initially started notifying impacted individuals, Form I-9 determined that the breach had affected roughly 27,000 people.
In an update shared with the Maine AGO in October, the company revealed that the number of impacted individuals had increased to nearly 97,000.
Another update, shared in recent days, shows that the Form I-9 data breach actually affects more than 193,000 people.
The compromised information includes names and Social Security numbers, and impacted individuals are being offered free identity theft protection and credit monitoring services.
It’s unclear if Form I-9 was targeted in a ransomware attack. No known ransomware group appears to have taken credit for the intrusion.
Related: Millions of Hot Topic Customers Impacted by Data Breach
Related: Amazon Employee Data Leaked by Hacker
Related: Debt Relief Firm Forth Discloses Data Breach Impacting 1.5 Million People
