Cyber Incident Victim: FocusIT Inc.
Date:
Aug 2022
Location:
United States of America
Summary
A cybersecurity incident involving FocusIT Inc. exposed sensitive consumer information after an unauthorized party accessed a third-party system within the company's environment. The breach compromised names, Social Security numbers, addresses, and dates of birth of affected individuals. The company contained the incident upon notification by law enforcement, initiated an internal investigation confirming unauthorized data access, and subsequently notified impacted consumers. The Arizona-based business services provider, specializing in mortgage lender support, determined that exposed information varied by individual but included critical personally identifiable information.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On August 2, 2022, FocusIT, Inc. was contacted by the Texas Financial Crimes Intelligence Center regarding concerns that an unknown threat actor had potentially compromised a third-party system within the FocusIT environment. The company immediately contained the incident and initiated cooperation with law enforcement investigators. FocusIT conducted an internal investigation following this notification, which confirmed that unauthorized access to consumer data had occurred. The investigation determined that sensitive consumer information in the company's possession had been exposed to the unauthorized party. While the specific intrusion vector and duration of unauthorized access were not disclosed, the compromised data included names, Social Security numbers, addresses, and dates of birth of affected individuals. FocusIT undertook a review of affected files to identify both the scope of compromised information and the specific consumers impacted by the breach. The company did not publicly disclose the total number of affected individuals or the precise timeframe of the unauthorized access.
FocusIT completed its review of compromised data by September 28, 2022, when it filed official breach notices with multiple state attorney general offices, including Montana's. On the same date, the company began mailing individualized data breach notification letters to all impacted consumers. These letters detailed the categories of exposed personal information specific to each recipient and provided guidance about potential identity theft risks stemming from the incident. As a Scottsdale-based business services provider specializing in mortgage lender support through products including Pulse, Hosted PointCentral, and SecureShare, FocusIT's breach exposed consumer data held as part of its operational activities. The 25-employee company, which generates approximately $6 million in annual revenue, did not disclose whether the breach affected specific products or client institutions. The incident resulted in confirmed exposure of highly sensitive personally identifiable information that typically enables financial fraud and identity theft when compromised.