VeriSource Data Breach Impacted 4M Individuals

A major data breach has left over 4 million individuals vulnerable after personal information was stolen from VeriSource, a US-based employee benefits administration company. The breach occurred in February 2024 and was discovered on the same day, with the incident being investigated by the company's cybersecurity team.

What Happened?

In February 2024, an unauthorized individual gained access to VeriSource's network environment, compromising sensitive data belonging to employees and dependents of companies that use the company's services. The breach was uncovered on February 28, 2024, after unusual activity was detected on the network.

What Information Was Stolen?

According to VeriSource, certain personal information was acquired without authorization, including names, addresses, dates of birth, gender, and/or Social Security numbers. However, it's worth noting that not all data types were impacted for every individual.

The Company's Response

VeriSource immediately took steps to secure their network environment after discovering the breach. The company launched a comprehensive investigation with the assistance of independent cybersecurity experts to determine whether any sensitive data was involved and whether personal information may have been affected. After conducting a thorough review, VeriSource confirmed that certain personal information was indeed compromised.

Following the review, the company issued an initial set of notices on August 20, 2024, to notified individuals affected by the incident. The process was completed on April 17, 2025, and the company has since notified its client companies and worked with them to collect additional information necessary for further notifications.

What's Being Done To Protect Affected Individuals?

VeriSource is taking proactive steps to protect affected individuals. The company offered free 12-month ID protection to those impacted by the breach, advising them to closely monitor their debit and credit card statements for any unusual activity and promptly contact their card issuer if they notice anything suspicious.

About VeriSource Services

VeriSource Services, Inc. is a privately held company established in 1997 with its headquarters located in Houston, Texas. The company specializes in employee benefits administration and enrollment solutions for employer groups, offering a range of services including COBRA administration, dependent verification, ACA reporting, eligibility monitoring, consolidated billing, and direct billing services.

What's Next?

The Federal Bureau of Investigation (FBI) and the US Department of Health and Human Services (HHS) have been notified about the breach. Credit agencies have also been informed, and VeriSource is not aware of any misuse of stolen data. As a result of the breach, affected individuals are advised to remain vigilant and take steps to protect their personal information.

VeriSource has taken significant steps to address this incident and ensure that those impacted by the breach receive the necessary support and protection. The company's commitment to data security and customer care is clear, and we will continue to monitor the situation closely.