On July 22, 2024, Liberty Resources detected unauthorized network access, leading to a severe data breach between July 8 and July 22, 2024. The ransomware group RHYSIDA infiltrated systems, exfiltrated sensitive files, and later threatened to publish stolen data on the dark web. The breach exposed personally identifiable information (PII) and protected health information (PHI), including names, addresses, Social Security numbers, medical records, and health insurance details of 27 Massachusetts residents, encompassing both clients and employees.The attack escalated due to the ransomware component and the public disclosure of stolen data, heightening risks of identity theft, fraud, and reputational damage. Liberty Resources responded by offering free identity theft protection (IDX), including credit monitoring, a $1M insurance policy, and recovery services. Affected individuals were advised to monitor financial accounts, place fraud alerts, and scrutinize health insurance statements for suspicious activity. The breach underscores critical vulnerabilities in data security, with long-term consequences for trust and operational integrity.
Source: https://www.claimdepot.com/data-breach/liberty-resources-2025
TPRM report: https://www.rankiteo.com/company/liberty-resources-inc
"id": "lib1092510112025",
"linkid": "liberty-resources-inc",
"type": "Ransomware",
"date": "7/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'customers_affected': '27',
'industry': 'Healthcare/Social Services',
'location': 'Massachusetts, USA',
'name': 'Liberty Resources',
'type': 'Organization'}],
'customer_advisories': 'Affected individuals were advised to enroll in '
'identity theft protection services and monitor '
'financial/health accounts.',
'data_breach': {'data_exfiltration': 'Yes',
'number_of_records_exposed': '27',
'personally_identifiable_information': 'Yes',
'sensitivity_of_data': 'High (PII and PHI)',
'type_of_data_compromised': ['Names',
'Addresses',
'Dates of Birth',
'Social Security Numbers',
'Medical Information',
'Health Insurance Information']},
'date_detected': '2024-07-22',
'date_publicly_disclosed': '2024-08-15',
'description': 'On July 22, 2024, Liberty Resources discovered unauthorized '
'access to its network, leading to a significant data breach '
'affecting its systems. The breach, attributed to the RHYSIDA '
'ransomware group, involved the exfiltration of sensitive PII '
'and PHI, including names, addresses, Social Security numbers, '
'medical information, and health insurance details. The group '
'threatened to publish the stolen data on their dark web '
'portal, increasing the risk of identity theft and fraud for '
'the 27 affected Massachusetts residents. Liberty Resources '
'responded by offering complimentary identity theft protection '
'services and advising affected individuals to monitor their '
'financial and health accounts for suspicious activity.',
'impact': {'brand_reputation_impact': 'High (due to public threat of data '
'release and involvement of ransomware)',
'data_compromised': ['Personally Identifiable Information (PII)',
'Protected Health Information (PHI)'],
'identity_theft_risk': 'High'},
'initial_access_broker': {'data_sold_on_dark_web': 'Threatened (publication '
'of stolen data within a '
'week of 2024-08-15)',
'high_value_targets': ['Client PII',
'Employee PII',
'PHI']},
'investigation_status': 'Scope and types of information involved confirmed by '
'2025-09-25',
'motivation': ['Financial Gain', 'Data Theft', 'Extortion'],
'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'RHYSIDA'},
'recommendations': ['Enroll in complimentary identity theft protection '
'services (IDX).',
'Monitor financial account statements and credit reports '
'for unauthorized activity.',
'Place a fraud alert or security freeze on credit files.',
'Monitor explanation of benefits (EOB) statements from '
'health insurance providers for unfamiliar activity.'],
'references': [{'source': 'Massachusetts Attorney General Notice'},
{'source': 'Liberty Resources Public Notice'},
{'date_accessed': '2024-08-15',
'source': 'RHYSIDA Dark Web Portal'}],
'regulatory_compliance': {'regulatory_notifications': ['Massachusetts '
'Attorney General']},
'response': {'communication_strategy': ['Public notice to Massachusetts '
'Attorney General',
'Customer advisories with enrollment '
'instructions for identity protection '
'services'],
'incident_response_plan_activated': 'Yes',
'recovery_measures': ['Complimentary identity theft protection '
'services (credit monitoring, CyberScan '
'monitoring, $1M insurance policy, '
'identity theft recovery)'],
'third_party_assistance': ['IDX (for identity theft protection '
'services)']},
'threat_actor': 'RHYSIDA',
'title': 'Liberty Resources Data Breach and Ransomware Attack',
'type': ['Data Breach', 'Ransomware Attack']}