The Andovers Federal Credit Union Data Breach

Will Gendron
Editor in Chief
Published
April 12, 2024
Updated
June 28, 2024
The Andovers Federal Credit Union Data Breach

What Happened?

On July 2, 2023, Bradford-Scott Data, LLC, a technology service provider for The Andovers Federal Credit Union, detected unusual activity within a limited portion of their network. This prompted an immediate security response to protect the environment and an extensive investigation to understand the scope and nature of the activity. It was discovered that between May 19 and May 28, 2023, certain files were likely copied from their network.

After a detailed review completed by December 10, 2023, it was confirmed that personal information including names and taxpayer identification numbers (typically Social Security Numbers) were involved. This incident has impacted 43,435 individuals nationwide, including 63 residents of Maine. The breach was first reported to the Maine Attorney General's office on February 29, 2024, and additional information was provided on April 11, 2024. You can view the full disclosure on the Maine Attorney General's website.

Notification and Response

Bradford-Scott has taken this breach seriously and has implemented multiple security measures to enhance their network's defenses. They have also reported the incident to federal law enforcement and are in the process of notifying affected individuals and regulators.

On April 11, 2024, Bradford-Scott began sending out written notifications to the affected parties, informing them about the breach and the steps being taken in response. These notifications include an offer for free credit monitoring and identity theft protection services through IDX, A ZeroFox Company. The services offered include credit and CyberScan monitoring, a $1,000,000 insurance reimbursement policy, and fully managed ID theft recovery services.

Steps You Can Take

If you believe you might be affected by this breach, it is crucial to stay vigilant and monitor your financial accounts and credit reports for any unusual activity. Here are some steps you can take:

  1. Enroll in Credit Monitoring Services: You can enroll in the services provided by IDX by visiting their website here. Make sure to use the enrollment code provided in your notification letter.
  2. Monitor Your Accounts: Keep an eye on your financial statements and sign up for alerts. You are entitled to a free credit report annually from each of the major credit bureaus—Equifax, Experian, and TransUnion. Visit AnnualCreditReport.com or call 1-877-322-8228 to request your reports.
  3. Place a Fraud Alert or Credit Freeze: You can place a fraud alert on your credit reports which helps protect against the opening of new credit accounts in your name. Alternatively, a credit freeze will lock your credit reports entirely. Contact each of the three major credit bureaus to set these up: Equifax, Experian, and TransUnion.
  4. Report Suspicious Activity: If you detect any suspicious activity or believe you are a victim of fraud, report it immediately to your financial institution, and consider filing a report with the local police or the Federal Trade Commission at IdentityTheft.gov.

Notice Letter

This browser does not support inline PDFs. Please download the PDF to view it: Download PDF

Consumers Notification date
04/11/2024
Date of Breach
Breach Discovered Date
12/10/2023
Total People Affected
43,435
Information Types Exposed
- Social Security Number

Join the

The Andovers Federal Credit Union

data breach lawsuit. It's free to join. 

Join the Lawsuit
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image
CTA Image