DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Andy Frain Services reports stolen laptop, but were they also hacked?

Posted on September 6, 2019 by Dissent

Andy Frain Services has reported a breach to the California Attorney General’s Office. The breach reportedly occurred on May 2, and their letter to those affected begins:

We are writing with important information regarding a recent security incident. The privacy and security of the personal information we maintain is of the utmost importance to Andy Frain Services, Inc. (“Andy Frain Services”). As such, we wanted to provide you with information about the incident, explain the services we are making available to you, and let you know that we continue to take significant measures to protect your information.

So what happened? If they take “significant measures,” I might expect to see some unusual or sophisticated attack, but no. It seems that an employee’s laptop with unencrypted names and Social Security numbers was stolen from her car. Not surprisingly, the laptop was (only) password-protected. template. Their notification did not indicate how many individuals had their names and SSN on the stolen device or whether the employee violated any policies. Nor does it indicate whether there was any disciplinary actions taken with respect to the employee.

You can read the template of their full notification letter here. It includes an offer of one year of complimentary services with an Experian product. Those affected can call a phone line set up to handle inquiries about the incident and steps that can be taken to protect themselves.

Not knowing anything about Andy Frain Services, I googled the firm and learned that they provide integrated security services for events. They have more than a dozen locations in the U.S., as well as locations in China, England, and Canada.

But it was the google search results that surprised me the most. Under the link to their web site was Google’s warning, “This site may be hacked.”
Google result for Andy Frain Services has a caution from Google saying "This site may be hacked."

DataBreaches.net emailed Andy Frain Services on September 4 through their web site to ask them if they were aware of the Google warning that they might have been hacked and whether there was any connection between that message and the laptop theft breach they had reported to California. No answer was received and the firm did not respond immediately to a voicemail left for them tonight. If a response is received, this post may be updated.

Category: Breach IncidentsCommentaries and AnalysesTheft

Post navigation

← UK: Gender identity clinic leaks almost 2,000 patients’ email addresses
Meridian Community College discloses a breach that was discovered in January →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Trump Rewrites Cybersecurity Policy in Executive Order
  • AMI Group – Travel & Tours notice of ransomware attack
  • Resource: Insider Threat reports
  • Za: Cyber extortionist sentenced to eight years in jail
  • ICE takes steps to deport the Australian hacker known as “DR32”
  • Hearing on the Federal Government and AI
  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Privacy Victory! Judge Grants Preliminary Injunction in OPM/DOGE Lawsuit
  • The Decision That Murdered Privacy
  • Hearing on the Federal Government and AI
  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.