From 112K to 4M folks' data – HR biz attack goes from bad to mega bad

Houston-based VeriSource Services' long-running probe into a February 2024 digital break-in shows the data of 4 million people – not just a few hundred thousand as it first claimed - was accessed by an "unknown actor". The tech company, which provides employee benefits administration services, began contacting those affected …

  1. tiggity Silver badge

    Regrets, I've had a few

    "[VeriSource] deeply regrets any inconvenience or concern this incident may cause"

    But, hey, VeriSource saved lots of time & money by skimping on pen tests, security staff, more secure infrastructure etc. etc.

    And so a few mealy-mouthed platitudes are fine when we think of saved money / better profits over the years (& thus C-suite bonuses)

  2. Excused Boots Silver badge
    Joke

    "was accessed by an "unknown actor"."

    I heard it was Tom Hanks!

  3. Missing Semicolon Silver badge
    FAIL

    We know the drill

    "nothing to see here, move along".

    If VeriSource is still trading next year, you know that, as usual, nothing happened.

  4. Lee D Silver badge

    The other day I had a sales guy try to sell me "AI-based" HR and payroll services.

    My reply was "I literally cannot imagine a worse use-case for AI".

    Even traditional HR services seem to me to be so inherently vulnerable the second that they become Internet-connected things.

  5. Eclectic Man Silver badge
    Unhappy

    Credit Monitoring

    "credit monitoring and identity theft protection services for 12 or 24 months"

    Fraudsters know exactly how long, and how effective, credit monitoring and theft prevention services are. In the UK registration with CIFAS lasts for 24 months, and fraudsters with your information will wait it out and then scam you and your bank, building society, pension funds, savings accounts, shares accounts etc. again and again and again. (They've got away with over £120,000 from my accounts, and I expect they will try again when the 'protections' afforded by CIFAS registration lapse later this year.)

  6. Anonymous Coward

    Pull the other one

    "The privacy and protection of personal and protected health information is our top priority" - yeah, but only AFTER they were breached.

    I'd love to do an audit of that outfit - it's practically guaranteed that your main conclusion would be money-inspired negligence.

  7. sitta_europea Silver badge

    "It took a 1 year+ probe, plenty of client calls for VeriSource to understand just how much of a yikes it has on its hands"

    It took a 1 year+ probe, plenty of client calls for VeriSource to admit just how much of a yikes it has on its hands

    FTFY.
