Illinois-based security services provider Andy Frain Services has disclosed a data breach that exposed the personal information of more than 100,000 individuals, according to a notification sent to the Maine Attorney General’s Office. The breach, discovered in October 2024, is believed to have compromised sensitive data, although the company has not shared technical details or a full list of what was accessed.
Andy Frain Services is a prominent provider of on-site security for sports stadiums, universities, airports, transportation systems, and commercial venues across the U.S. The breach could have wide-ranging implications, given the broad scope of its operations and client base.
Though the company’s notification letter lacks specific information about the breach, the fact that affected individuals are being offered 12 to 24 months of free credit monitoring and identity restoration services strongly suggests that sensitive personal data—such as Social Security numbers or financial records—may have been accessed.
Black Basta Ransomware Group Behind the Attack
The Black Basta ransomware group, known for targeting critical infrastructure and enterprises, has claimed responsibility for the attack. In November 2024, the group announced it had stolen approximately 750 gigabytes of data, including files related to Andy Frain’s accounting, HR, and legal departments.
After a period of activity last year, Black Basta has remained quiet in recent months. Cybersecurity experts suggest the group may be regrouping or rebranding, as is common with sophisticated ransomware actors. While no new victims have been confirmed publicly, many expect the threat group—or its operators—to resurface under a different name or method.
For those impacted by the Andy Frain data breach, the long-term risk of identity theft remains a concern. Given the nature of ransomware attacks, stolen data can often resurface on dark web marketplaces or be used in future targeted phishing campaigns.
