Stanley Steemer, a prominent carpet cleaning company, has reported a significant data breach affecting nearly 68,000 individuals. The Ohio-based company discovered the cyberattack in March, with unauthorized access dating back to February 10. The breach was detected on March 6, and the company has been diligently reviewing at-risk files to determine the extent of the exposure and the individuals impacted.
The compromised information includes names and Social Security numbers. While the company has not confirmed the nature of the attack, the Play ransomware gang has taken credit for the incident, claiming to have stolen a variety of sensitive data, including accounting records and personal identification documents.
In response to the breach, Stanley Steemer has engaged federal law enforcement and is offering two years of complimentary credit monitoring services to the victims. The breach notification does not specify if ransomware was involved, and Stanley Steemer has not provided further comments on the attack.
This incident is part of a larger pattern of cyberattacks by the Play ransomware gang, which has been active since July 2022 and has targeted various government entities and municipalities throughout 2023. The breach underscores the ongoing cybersecurity challenges faced by companies across industries and the importance of robust protective measures to safeguard sensitive customer data.
