A massive data breach at HR and benefits firm VeriSource Services compromised the personal information of around 4 million people, but it took over a year for the full scope to be disclosed and victims properly notified, The 420 reports.While VeriSource detected suspicious activity as early as February 2024, most affected individuals only learned of the breach in April 2025, despite the theft of full names, birth dates, addresses, gender, and Social Security numbers. Cybersecurity experts say the delay represents a critical lapse in corporate responsibility, warning that this kind of sensitive data can be exploited for fraud, phishing, and identity theft.These arent just compliance failures. Theyre human ones, noted Kurt Knutsson, underscoring the real-life consequences of sluggish breach response.Although the attack was carried out by external actors, VeriSources lack of transparency and slow notification process has drawn intense criticism. Experts urge potential victims to monitor credit reports, enable fraud alerts, and adopt security tools to protect themselves.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds