Steel River System, LLC. Computer Network Gets Hacked
Table of Contents
- By Miguel
- Published: Dec 30, 2022
- Last Updated: Dec 30, 2022
Steel River System is a debt collector based out of Pennsylvania. We can't help but laugh at the situation; a real-life debt collector – no scams included with your phone call – was a target for a hacker. This company likely had access to many sensitive details, so it must have been a very lucrative target. However, one wouldn't usually think of a telephone debtor as the perfect breach victim.
How Did the Attack Occur?
The attack occurred when an unauthorized party accessed Steel River's computer system in mid-July. "Data privacy and security are among Steel River's highest priorities, and there are extensive measures in place to protect the information in our care," read the notice. "Upon discovery, Steel River immediately commenced an investigation with the assistance of third-party cyber security specialists to confirm the nature and scope of this incident. Steel River is providing notice of this incident to potentially impacted individuals and pertinent state and/or federal regulators."
What Information Was Viewed or Stolen?
The letter sent to the California State Attorney General's Office only said that names were involved, among other undisclosed information. There could be a lot of information stored in Steel River's systems, and we aren't sure what that is exactly. Luckily, the notices received by victims will detail what of their information was involved.
How Did Steel River Admit to the Breach?
Steel River sent a notice to the California State Attorney General's Office and notified the affected individuals. The notifications included a synopsis of what happened and the company's actions. It also extended an offer of three months of access to Experian credit monitoring.
What Will Become of the Stolen Information?
This is dependent on what exactly the hacker was able to access. Suppose it was social security numbers and birthdays. In that case, they stand to make quite a lot, as the combination of names, birthdays, and social security numbers sells for 60 to 80 dollars, depending on credit. If any financial information was involved, which is likely, the attacker stands to gain even more. Medical information, financial information, passports, and (weirdly) diplomas are the highest-selling hacked items. Luckily, it is likely that the only thing from this list the assailant managed to access was financial details.
What Should Affected Parties Do in the Aftermath of the Breach?
We think that you should handle this breach like you do any other; with time, delicacy, and attention. If you or a loved one have been affected by this breach, there are steps you can take to protect yourself. This will most likely start with accepting the credit monitoring. Once this expires, you can pay for it on your own. If that's not within your budget, you can download one of the many device-monitoring software titles available. The better ones will likely be more expensive, but you will probably be able to find one that will fit your needs and your budget.
