On January 25, 2024, Red House encountered a data security incident that significantly impacted its computer systems, causing a temporary disruption to its operations. The company took immediate action by launching an investigation with external assistance to determine the nature and scope of the breach. The investigation revealed that unauthorized actors had accessed certain systems, prompting Red House to assess the extent of the compromise and restore its affected operations.
On August 14, 2024, Red House confirmed that the breach had resulted in the exposure of sensitive employee, vendor, and customer information, including names and Social Security numbers. In response, Red House undertook a thorough review of its files to identify potentially affected individuals and to understand the geographical distribution of the data to ensure compliance with notification requirements. The company’s efforts culminated in a detailed assessment that was completed on September 30, 2024.
In accordance with legal and ethical obligations, Red House began providing written notice of the incident to impacted individuals on or about October 14, 2024. The notifications were sent to two Maine residents and included guidance on how to protect against identity theft. In addition, Red House notified relevant state regulators and federal law enforcement, demonstrating a commitment to transparency and compliance throughout the incident response process.
To assist those affected, Red House is offering twelve months of complimentary credit monitoring services through Experian, enabling individuals to monitor their personal information closely. Furthermore, the company has provided resources and recommendations for safeguarding against identity theft, such as placing fraud alerts on credit files and reviewing account statements for any irregularities. Red House’s proactive measures aim to mitigate the potential impact of the breach and to reassure affected individuals that their safety and privacy remain a top priority.
