VeriSource Services has confirmed that a cybersecurity incident first detected in February 2024 has resulted in a data breach affecting four million people. The Texas-based firm, which provides employee benefits administration and HR outsourcing solutions to clients across the United States, began sending breach notifications in April 2025 after completing a prolonged investigation into the scope of the exposure.
According to a notice shared with state regulators, VeriSource initially became aware of suspicious activity on February 28, 2024, when it experienced disruption to access across several systems. In response, the company launched its incident response protocol, secured its network, and engaged a third-party digital forensics firm to determine the cause and impact of the intrusion. The investigation later confirmed that an unauthorized actor had likely accessed personal data around February 27, 2024.
The forensic process took over a year to complete, with the final list of affected individuals compiled on April 17, 2025. VeriSource began issuing formal data breach notices on April 23. The compromised data includes names, addresses, dates of birth, genders, and Social Security numbers. While no financial account information or passwords were reported stolen, the volume and nature of the exposed data pose serious identity theft and fraud risks.
VeriSource is offering twelve months of complimentary credit monitoring, identity protection, and restoration services to all impacted individuals. The company had previously sent notifications to smaller subsets of affected people—55,000 in May 2024 and another 112,000 in September—but these early notices represented only a fraction of the breach’s full scope.
Despite the scale of the incident, no mention of VeriSource has appeared on ransomware extortion portals, leaving the nature of the attack unclear. It remains unknown whether data was stolen as part of a ransomware operation or if another form of compromise occurred. The absence of a ransom demand and the year-long delay in notification may raise concerns among clients and regulators alike.
For individuals receiving notification letters, VeriSource recommends enrolling immediately in the provided protection services and remaining alert for phishing attempts or signs of misuse.
