Recently, Northern Data Systems, Inc. filed notice of a data breach with the Massachusetts Attorney General after the company confirmed that sensitive consumer data stored on its computer system was accessible to an unauthorized party. According to Northern Data Systems, the breach resulted in the names, Social Security numbers, phone numbers, addresses, driver’s license numbers, medical information and financial information belonging to certain individuals being compromised. Earlier this month, Northern Data Systems sent data breach letters to all affected parties, informing them of the incident and what they can do to protect themselves from identity theft and other frauds.

Because the Northern Data Systems breach involved consumers' Social Security numbers, victims of the incident are at an increased risk of identity theft and other frauds. To learn more about how hackers and other criminals use your information to carry out these crimes, please see our recent post on the topic here.

What We Know About the Northern Data Systems Data Breach

The available information regarding the Northern Data Systems breach comes from the company’s filing with the Attorney General of Massachusetts. At this point, the company has not yet posted notice of the incident on its website; however, according to the Northern Data Systems filing with the Massachusetts AG, on May 13, 2022, the company learned that an unauthorized third party had gained access to a portion of its network. While it remains unclear how the incident came to light, in response, Northern Data Systems secured its systems and began working with a third-party cybersecurity firm to investigate the incident and determine what, if any, consumer information was compromised.

The investigation confirmed unauthorized access to files containing sensitive consumer information. Next, with the assistance of a data review firm, Northern Data Systems began to review the affected files to determine what information was compromised and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, Social Security number, phone number, address, driver’s license number, medical information and financial information.

Once Northern Data Systems company completed its investigation, it sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident. The company’s letter appears to be addressed to the customers of its clients. Thus, it is likely that consumers who receive a data breach letter from Northern Data Systems may not have heard of the company.

Established in 1975, Northern Data Systems, Inc. is a software company based in Falmouth, Maine. The company develops a range of software applications for utilities, credit unions, local government, and healthcare organizations. Some of the company’s products include EDIFICE, SHARETEC, INVISION, and INSIGHT. Northern Data Systems employs roughly 30 people and generates between $25 to $100 million in annual revenue.