From HFHC:
For the past several months, HFHC has been dealing with a significant and malicious data breach which has severely handicapped our ability to efficiently conduct business and has hijacked our attention for the last several months. The tech company we are now working with states in its letter of findings that “In 17 years of business support RangerTek has not come in contact with a network and server that has had this level of security failure. Further RangerTek has not seen this level of malicious attack on a server”.
Read more on HabitatColorado.org. I’ve read their entire statement and notification template but they don’t seem to provide any details about how the breach occurred – only that it didn’t impact their email nor credit card information- and that
Compromised personal information is limited only to documents that included first and last name, address, date of birth, and either a social security number or driver’s license number. At this time we believe this only includes HFHC staff and applicants specific to USDA loans and FHLB subsidies. Per our document retention policy, we do not store that data physically; however any document scanned onto our server may have been breached. Your affiliate may be contacted requesting additional information to assist us in properly notifying applicants.