Posted On March 17, 2022 Consumer Privacy & Data Breaches
March 17, 2022 – Recently, Bonita Springs Utilities, Inc. (“BSU”) announced that some of the company’s clients’ personal information was compromised as a result of a data breach involving IberiaBank and Technology Management Resources, Inc. It is essential those who receive a data breach notification from Bonita Springs Utilities understand what is at risk. The data breach lawyers at Console & Associates, P.C. are actively investigating the Bonita Springs Utilities data breach on behalf of people whose information was exposed. As a part of our investigation, we are providing free consultations to anyone affected by the breach who is interested in learning more about the risks of identity theft, what they can do to protect themselves, and what their legal options may be to obtain compensation from one of the companies involved.
In 2021, there were 1,862 data breaches affecting more than 189,000,000 individuals. Victims of identity theft spend, on average, 200 hours and more than $1,300 recovering their identity. Many of these victims also suffer credit damage, emotional distress, and may even end up with a criminal record. Taking immediate action is the best way to prevent the worst consequences of a data breach.
Bonita Springs Utilities is a nonprofit water utility company that was founded by citizens of Bonita Springs, Florida in 1970. BSU provides water service to much of Bonita Springs, as well as portions of the Village of Estero.
Bonita Springs Utilities uses IberiaBank to process customers’ payments. To facilitate the payment processing, IberiaBank uses a lockbox service provided by Technology Management Resources, Inc. (“TMR”).
According to an official filing by BSU, on January 6, 2022, IberiaBank informed BSU of a data security incident involving the TMR lockbox services it uses to process BSU payments. More specifically, IberiaBank explained that TMR had identified suspicious activity regarding a user account in the company’s payment application on or around October 14, 2021. Evidently, the unauthorized party was able to obtain customer information available through the portal. At this time, however, IberiaBank had not informed BSU that any of BSU’s customers were impacted by the breach.
However, on February 10, 2022, IberiaBank provided updated information to BSU, informing the company that certain customers’ sensitive data was accessible to the unauthorized party.
In response, TMR investigated the incident, determining that an unauthorized party may have gained access to the payment application between October 12 and October 14, 2021. This information includes the names and financial account information of as many as 4,419 customers.
On March 11, 2022, Bonita Springs Utilities began sending out data breach notification letters to all individuals whose information was compromised as a result of the recent data security incident.
This isn’t the first time BSU customers’ information was compromised as a result of a TMR data breach. Back in 2020, there was a TMR data breach under very similar circumstances, impacting as many as 3,143 customers.
When you allowed BSU access to your personal data, you may not have known about the company’s relationship with IberiaBank and TMR. Regardless, you assumed that BSU and the company’s it contracts with would do everything possible to keep your data secure. However, news of the BSU data breach raises some very serious questions about the data security measures at TMR, and possibly at IberiaBank and BSU.
Regardless of the industry, all businesses have a legal obligation to protect consumer information in their possession. This is the case regardless of whether a company is given a consumer’s information directly from the consumer or through a third-party. Although creating and maintaining a data security system is costly, this is a necessary expense given the frequency with which cyberattacks occur.
Consumers whose personal, identifying, financial or healthcare-related data was compromised in a data breach can pursue legal action against a company that misused or mishandled their information. However, the investigation into the Bonita Springs Utilities breach is only in its beginning phases. For that reason, it is too early to tell if any of the companies involved were legally responsible for the breach. However, our data breach attorneys are investigating the Bonita Springs Utilities security breach to determine the potential legal remedies of those affected. Of course, data breaches involving multiple companies, all of which had access to (and a responsibility to maintain) consumer data, are especially complex.
If you have questions about your ability to pursue a data breach class action lawsuit in the wake of the BSU breach, contact a data breach attorney as soon as possible.
If you receive a data breach notification from BSU in the coming weeks, it means your personal data was among that which was compromised in the recent cyberattack. It also means a cybercriminal may have had access to—and may have stolen—your personal data. Given the risks involved, it is important you remain vigilant by taking the following steps:
At Console & Associates, P.C., our consumer privacy lawyers monitor all security and data breaches to help affected consumers pursue their legal remedies. We offer free consultations to victims of data breaches and can explain your rights in clear, understandable terms so you can make an informed decision about how to proceed with your case. If you’ve been affected by the BSU data breach or any other data security incident, Console & Associates, P.C., will investigate your case at no charge and offer you thorough advice about how to most effectively proceed with your case. If you decide to bring a case, we only get paid if you do. If your claim is successful, any legal fees are either paid by the defendant or come out of the funds recovered from the defendant. If your claim doesn’t result in a recovery, you will pay nothing.