Consumer Privacy & Data Breaches

On October 31, 2022, the Administrative Fund of the Detectives’ Endowment Association, Inc., Police Department City of New York (“NYCDEA”) filed notice of a data breach with the Maine Attorney General after the organization learned that an unauthorized party gained access to sensitive information belonging to certain members. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to members’ names and

On November 1, 2022, Morrison Products, Inc. filed notice of a data breach with the Montana and Texas Attorneys General after learning that an unauthorized party hacked into the company’s computer system and accessed sensitive information pertaining to certain employees. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to employees’ names, addresses, and Social Security numbers. After confirming that consumer

On November 3, 2022, Alinsco Managing General Agency, Inc. filed notice of a data breach with the Texas Attorney General’s Office after the company discovered an unauthorized party had gained access to sensitive information in its possession. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, driver’s license numbers, government identification numbers, and financial account information. After confirming

On October 26, 2022, Convergent Outsourcing, Inc. filed notice of a data breach with the Office of the Montana Attorney General after the company was targeted in a June 2022 ransomware attack. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, contact information, financial account numbers, and Social Security numbers. After confirming that consumer data was leaked,

On October 31, 2022, Three Rivers Provider Network (“TRPN”) filed notice of a data breach with the Vermont Attorney General after the company learned that an unauthorized party had gained access to an employee email account containing sensitive consumer information. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, dates of birth, addresses, Social Security numbers, passport

On October 31, 2022, Ethos Group filed notice of a data breach with the Attorney General of Vermont after the company learned that sensitive consumer information stored on the company’s computer network was compromised. While the company has not yet disclosed the exact data types leaked in the recent breach, based on the relevant data breach reporting requirements, it is likely that the incident affected consumers’ names

On October 31, 2022, CorrectCare Integrated Health filed notice of a data breach with the Office of the California Attorney General after the company learned that it had inadvertently posted sensitive information belonging to individuals incarcerated in the California Department of Corrections and Rehabilitation (“CDCR”) system on the internet. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ full

On October 29, 2022, Multi-Color Corporation (“MCC”) filed notice of a data breach with the California Attorney General after the company reportedly experienced a cyberattack that compromised the security of employee information contained on its computer network. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to certain employees’ names, dates of birth, email addresses, mailing addresses, telephone numbers, Social Security

On October 31, 2022, OakBend Medical Center filed notice of a data breach with the Texas Attorney General following a September cyberattack in which the organization’s computer system was encrypted. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to certain individuals’ names, contact information, Social Security numbers and birth dates. After confirming that consumer data was leaked, OakBend began sending

On October 24, 2022, Somnia Pain Management filed notice of a data breach with the Attorney General of Maine after sensitive information that had been entrusted to the company was compromised after an unauthorized party gained access to the computer system of Somnia’s “Management Services Organization.” Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, Social Security numbers

On October 17, 2022, MODE Global, LLC (“MODE Transport”) filed notice of a data breach with the Attorney General of Maine and other state attorney general offices after the company discovered that an unauthorized party had gained access to its computer system. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, addresses, Social Security numbers and driver’s license

On October 19, 2022, Flambeau, Inc. filed notice of a data breach with the Attorney General of Maine after the company was the target of an apparent cyberattack. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ first and last names, dates of birth, mailing addresses, and Social Security numbers. After confirming that consumer data was leaked, Flambeau

On October 25, 2022, Pinnacle Claims Management, Inc. (“PCMI”) filed a notice of a data breach with the Attorney General of California after the company learned that an unauthorized party had gained access to its computer network. While PCMI has not yet publicly disclosed the specific data types that were leaked, based on the company’s business, it is likely that the compromised information consists of consumers’ protected

On October 28, 2022, several healthcare practice groups filed notice of a data breach with the Attorney General of Montana after the company learned of a third-party data breach at U.S. Vision, Inc., a company that provided administrative services on behalf of the respective practices. Based on the companies’ official filings, the incident resulted in an unauthorized party gaining access to consumers’ full names, Social Security numbers

On October 14, 2022, WakeMed Health & Hospitals filed notice of a data breach with the U.S. Department of Health and Human Services Office for Civil Rights stemming from an incident that resulted in the “unauthorized access/disclosure” of sensitive patient information. However, because WakeMed has not yet publicly released the specific data types that were compromised in the recent incident, it remains unknown what information was leaked.