In this episode, we break down the February 2025 data breach that hit Valsoft Corporation, operating under the name AllTrust, through its subsidiary Aspire USA. Over 160,000 individuals are potentially impacted, with exposed data including Social Security numbers, driver’s license information, and financial account details. We explore how the breach unfolded over a three-day window, the steps Aspire took to interrupt an in-progress data transfer, and how long it took to notify affected individuals.
We’ll also examine the legal implications now facing Valsoft, including multiple law firm investigations and the potential for class action lawsuits. Additionally, we cover what this breach reveals about current cybersecurity practices in companies handling PII and how consumers can protect themselves when their data is exposed. From SOC2 compliance claims to the offer of free credit monitoring, we question whether the company’s response was adequate—or merely reactive.
Was this breach preventable? And what can other companies learn from Valsoft’s handling of it? Tune in for a hard look at one of 2025’s most notable PII exposure incidents.
