Find Great People Data Breach Exposes Sensitive Personal Info

On July 19, 2024, Find Great People (FGP), a staffing and recruiting firm, experienced a significant data breach that has potentially impacted the personal information of numerous individuals. The breach was detected when FGP noticed a network disruption affecting the functionality and access of certain systems. Upon this discovery, the company took immediate action by disconnecting network access and engaging a specialized third-party cybersecurity firm to investigate the incident.

The forensic investigation, which concluded on September 13, 2024, revealed that unauthorized access to some of FGP's files had occurred. These files contained sensitive personal information, and it was confirmed that an unknown third-party had accessed or obtained this data without permission. By September 16, 2024, FGP had identified the specific individuals affected and the types of information compromised.

Disclosed Information Exposed:

• Name
• Address
• Social Security number
• Driver's license number
• Passport
• Date of birth

Despite the company stating an unknown actor accessed their systems, the ransomware group, Akira, posted on their dark web website on July 31, 2024 that they were responsible for the hack. The group claimed to have 32 BG of data including confidential client and employee data.

Find Great People's Response

In response to the breach, Find Great People has prioritized securing their systems and protecting personal information. The company has implemented several measures to enhance their security posture. These include disconnecting network access, conducting a comprehensive credential reset, and deploying additional security tools such as enhanced firewall and VPN client auditing, as well as advanced Endpoint Detection and Response (EDR) measures.

Furthermore, FGP has increased third-party monitoring and upgraded their network with improved security features.

To assist affected individuals, FGP is offering complimentary access to Single Bureau Credit Monitoring, including credit reports and scores, for a period of 24 months. This service will alert individuals to any changes in their credit files, helping them to monitor for signs of identity theft or fraud.

Steps for Affected Individuals

If you believe you may have been affected by this data breach, it is important to take proactive steps to protect your personal information. Here are some recommended actions:

1. Enroll in Credit Monitoring: Take advantage of the free credit monitoring services provided by FGP. This will help you keep track of any unusual activity on your credit report.
2. Monitor Your Accounts: Regularly review your financial statements and credit reports for any unauthorized transactions or new accounts.
3. Place a Fraud Alert or Credit Freeze: Consider placing a fraud alert or credit freeze on your credit files to prevent new accounts from being opened in your name without your consent.
4. Stay Informed: Keep an eye on communications from FGP and consult resources like the Federal Trade Commission's Identity Theft website for additional guidance.

For further details on the breach and the company's response, you can view the official Notice to Consumers on the Massachusetts Attorney General's website.