BBS Financial, LLC recently reported a data breach resulting from a ransomware attack that occurred in January 2024. On November 11, 2024, the company filed a formal notice with the Attorney General of Maine, revealing that the breach led to the unauthorized access and potential exposure of sensitive consumer information. The compromised data includes personal details such as names, addresses, Social Security numbers, dates of birth, government-issued identification numbers, and financial account information. Following the breach, BBS began notifying individuals whose data was affected, providing them with details about what information was compromised and offering steps to mitigate potential risks.
The ransomware attack was first detected on January 29, 2024, when BBS noticed that confidential information had been removed from its computer systems. The attackers subsequently demanded a ransom in exchange for the deletion of the stolen data. In response to the breach, BBS immediately shut down its network to isolate the attack and launched an investigation with third-party cybersecurity experts. The company also entered into negotiations with the hackers and ultimately paid the ransom to ensure that the data was deleted. Although BBS received evidence confirming the deletion, there are still concerns about the potential for future misuse of the compromised information.
BBS Financial Service took additional steps to assess the full scope of the breach by reviewing the compromised files. The investigation revealed that the stolen data varied across individuals, but it generally included highly sensitive personal and financial information. As part of its response, BBS Financial Service sent data breach notification letters to all affected individuals. These letters include specific details about the data that was compromised and offer advice on how to safeguard against identity theft and fraud.
Despite the breach, BBS Financial Service has assured customers that their payment information was not compromised in the attack. The company, which has been in operation since 1988 and provides a range of accounting and business services, is continuing to work on improving its cybersecurity measures. The breach serves as a stark reminder of the growing threats posed by ransomware attacks, particularly in sectors dealing with sensitive personal and financial information. BBS remains committed to helping affected individuals navigate the potential risks associated with the breach and continues to monitor the situation closely.