KemperSports, a leading golf course management and hospitality firm, has reported a significant data breach impacting over 62,000 individuals. The company informed the Maine Attorney General’s Office about the incident, which was first detected on April 1, 2024. An internal investigation revealed that attackers had gained unauthorized access to systems containing sensitive personal information, including names and Social Security numbers.
The compromised data primarily involves current and former employees of KemperSports, which operates over 140 locations across 30 states and employs more than 7,500 individuals. Despite the breach, the company has stated that there is no evidence indicating the misuse of the stolen information for identity theft or fraud. To mitigate potential risks, KemperSports is offering affected individuals one year of free credit monitoring and identity restoration services.
As of now, no known ransomware group has taken credit for the attack on KemperSports. The company has yet to clarify whether a ransom was paid, which could explain the lack of public acknowledgment from any ransomware group. This situation leaves open the question of whether the breach was related to a ransomware attack or another form of cyber intrusion.
This incident is not KemperSports’ first encounter with data security issues. Approximately a year ago, the company disclosed unauthorized access to two employee email accounts, which contained sensitive information. The recent breach highlights ongoing concerns about cybersecurity within the organization, prompting several law firms to issue press releases seeking individuals affected by the breach to file class action lawsuits against the company.
Reference:
