Stanley Steemer reports data breach, exposes 67K customers

Stanley Steemer International, a carpet cleaning company based in Dublin, Ohio, reported a cyberattack that impacted 66,978 customers. The company first detected suspicious activity on March 6, prompting an initial investigation. Subsequently, it was determined that the attackers had gained unauthorized access to the company's systems starting from February 10 and remained within the network for some time.

Upon discovering the breach in March, Stanley Steemer notified federal authorities about the incident and initiated measures to secure their systems.

The compromised data may include sensitive customer information such as:

• names,
• Social Security numbers,
• drivers' license numbers,
• financial account details.
• credit and debit card information with security codes and PIN codes,

The company did not provide specific details about how the hackers managed to infiltrate the company's computer network nor a good reason for storing security and pin codes for credit cards

Update - While the company doesn't comment whether it was a ransomware attack, the Play ransomware gang claimed responsibility for the breach.