Hospitality Staffing Solutions (HSS) attackers stole users’ personal details, including financial account information.
Attackers penetrated the company’s defenses in early June this year, HSS said in a breach notification letter to people whose data may have been exposed.
HSS, an Atlanta-based company, provides hospitality staffing services in the US, serving more than 1,000 properties. The business is owned by Kellermeyer Bergensons Services (KBS), a California-based facilities management company.
According to the notification letter, an investigation into the HSS breach revealed that malicious actors gained access to files containing personal information. According to the information HSS provided to the Maine Attorney General, the breach exposed 104,660 individuals.
“Our review identified files that included your name and one or more of the following: Social Security number, driver’s license number, and/or financial account number,” HSS said in a letter.
Stolen personal details can end up on hacking forums, where threat actors sell data to the highest bidder. Cybercriminals can use personal information to commit fraud: from identity theft and phishing attacks to opening new credit accounts, making unauthorized purchases, or obtaining loans under false pretenses.
While the never-ending stream of data breaches can cause fatigue, experts warn that even seemingly insignificant pieces of leaked personal information can be collated to have a devastating impact. Victims whose data has been leaked often don’t realize they have been compromised and therefore take no action to mitigate the outcome.
HSS said that it will provide victims with identity protection services for one year, free of charge. The latter measure has become a norm amongst companies that have had their client or employee data stolen. However, if stolen data ends up on the dark web, there’s little chance of it ever being taken down.
More from Cybernews:
Subscribe to our newsletter