Setra Systems, an electronics manufacturer based in Boxborough, Massachusetts, reported a data breach to the Attorney General of Maine involving sensitive personal and health information. The breach occurred between January 25, 2023, and November 6, 2023, after unusual activity was detected within its network environment in October and November 2023. Setra discovered that two unauthorized third parties had accessed its network, prompting an immediate investigation into the nature and scope of the incident. The investigation revealed that personal information had been exposed, including protected health information, which could have been acquired by unauthorized individuals during this period.
The compromised data potentially exposed includes a variety of sensitive personal information, such as names, Social Security numbers, dates of birth, driver’s license or state-issued identification numbers, passport numbers, birth certificate numbers, financial account numbers, credit or debit card numbers, and health insurance information. Setra conducted a detailed review of the impacted data to identify which individuals were affected. The review, which concluded on September 3, 2024, confirmed that the breach involved the personal information of several individuals, though the extent of the exposure varied depending on the individual.
In response to the breach, Setra began notifying affected individuals on October 3, 2024. The company sent data breach notification letters to inform those impacted by the incident about the types of sensitive information that were compromised. Additionally, Setra is offering 24 months of complimentary credit monitoring services to the affected individuals to help mitigate the risks of identity theft or financial fraud. The notification also provides guidance on best practices to protect personal information, such as monitoring financial account statements for irregularities and placing fraud alerts on credit files.
Setra, founded in 1967, provides a wide range of electronic products, including pressure sensors, environmental monitors, and air quality sensors, serving industries such as healthcare, energy management, and cleanrooms. It is a subsidiary of Fortive, a global technology company based in Washington. Despite the data breach, Setra is committed to maintaining the privacy of its customers’ information and has taken steps to enhance its network security. These measures include working with forensic consultants to contain the breach, notifying federal law enforcement, and strengthening its security protocols to prevent future incidents. The company continues to prioritize the protection of sensitive personal data and is taking all necessary actions to address the situation.
