Strauss Borrelli PLLC, a leading data breach law firm, is investigating Smart ERP Solutions, Inc. (“Smart ERP”) regarding its recent data breach. The Smart ERP data breach involved sensitive personal identifiable information belonging to an undetermined number of individuals.
ABOUT SMART ERP SOLUTIONS, INC.:
Smart ERP is an information technology and software provider based in California. Founded in 2005, Smart ERP specializes in the business applications space, providing end to end solutions that extend the capabilities of ERP systems to meet specific business process needs.2 Today, the solutions offered by Smart ERP include onboarding, employee offboarding, form I-9, security, compliance, and SoD, talent procurement, and more. Headquartered in Pleasanton, California, Smart ERP employs over 300 individuals worldwide.
WHAT HAPPENED?
Recently, Smart ERP reported to the Attorney General of Vermont that it had experienced a data breach in which sensitive personal identifiable information in its systems may have been accessed and acquired. According to the breach notice, on July 13, 2024, Smart ERP experienced a network security incident that impacted some of its operations.1 As a result, Smart ERP launched an investigation to determine the nature of the incident.
Through its investigation, Smart ERP confirmed that sensitive personal information in its systems may have been viewed and obtained by an unauthorized third party between July 3 and July 13, 2024. As a result, Smart ERP began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. The exact type of personal information potentially exposed has not been made publicly available by Smart ERP. However, according to state reporting guidelines, “personal information” can include the following types of information:
- Name
- Social Security number
- Driver’s license or other government issued ID card numbers (e.g., individual taxpayer ID number, passport number, military ID card number)
- Financial account number or credit or debit card number
- Unique biometric data (e.g., fingerprint, retina or iris image, or other unique biometric representation)
- Genetic information
- Health record or records of a wellness program or similar program of health promotion or disease prevention (e.g., healthcare professional’s medical diagnosis or treatment of the consumer, health insurance policy number)
On March 11, 2025, Smart ERP began mailing data breach notification letters to impacted individuals. Based on the breach notice sent to Vermont residents, Smart ERP is providing affected individuals with a list of the specific types of sensitive information impacted and 12 months of complimentary credit monitoring services. A link to the form breach notification letters that Smart ERP filed with the Attorney General of Vermont is below.
If you received a breach notification letter from Smart ERP Solutions, Inc.:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
