Posted On July 12, 2022 Consumer Privacy & Data Breaches
July 12, 2022 – Recently, Central Licensing Bureau, Inc. (”CLB”) filed notice of a data breach after the company discovered it was the target of a ransomware attack. Based on the most current information, the Central Licensing Bureau breach resulted in the following information being leaked: first and last names, addresses, dates of birth, Social Security numbers, and, in some cases, driver’s license numbers. On July 8, 2022, CLB began sending out data breach letters, notifying affected parties of the incident, what information of theirs was exposed, and what they can do to protect themselves from identity theft and other forms of fraud.
If you received a data breach notification, it is essential you understand what is at risk. The data breach lawyers at Console & Associates, P.C. are actively investigating the CLB data breach on behalf of people whose information was exposed. As a part of this investigation, we are providing free consultations to anyone affected by the breach who is interested in learning more about the risks of identity theft, what they can do to protect themselves, and what their legal options may be to obtain compensation from Central Licensing Bureau, Inc.
According to an official notice filed by the company, on November 29, 2021, Central Licensing Bureau detected a ransomware attack in which an unauthorized party accessed and disabled portions of the company’s computer systems. In response, CLB enlisted the assistance of a third-party cybersecurity forensic firm to further secure its systems and investigate the incident. As a result of this investigation, the Central Licensing Bureau learned that the unauthorized party orchestrating the attack was able to gain access to certain files containing consumer data.
Upon discovering that sensitive consumer data was accessible to an unauthorized party, Central Licensing Bureau then reviewed the affected files to determine which consumers were affected and what information of theirs was accessible to the unauthorized party. The Central Licensing Bureau completed this process on June 10, 2022. While the breached information varies depending on the individual, it may include your first and last name, address, date of birth, social security number, and driver’s license number.
On July 8, 2022, Central Licensing Bureau sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
Founded in 1982, Central Licensing Bureau, Inc. is a company that provides support services to the insurance industry. More specifically, CLB provides licensing services for insurance companies, agents and corporations nationwide, including resident and non-resident licensing, license renewals, secretary of state corporate qualifications, and insurance company appointments. The company also facilitates third-party administrator, adjuster and surplus lines and manages general agency licensing. The Central Licensing Bureau employs more than 30 people and generates approximately $7 million in annual revenue.
At Console & Associates, P.C., our consumer privacy lawyers monitor all security and data breaches to help affected consumers pursue their legal remedies. We offer free consultations to victims of data breaches and can explain your rights in clear, understandable terms so you can make an informed decision about how to proceed with your case. If you’ve been affected by the CLB data breach or any other data security incident, Console & Associates, P.C., will investigate your case at no charge and offer you thorough advice about how to most effectively proceed with your case. If you decide to bring a case, we only get paid if you do. If your claim is successful, any legal fees are either paid by the defendant or come out of the funds recovered from the defendant. If your claim doesn’t result in a recovery, you will pay nothing.
To schedule your free consultation, just call (866) 778-5500 today or fill out our secure contact form.
Below is a copy of the initial data breach letter issued by Central Licensing Bureau, Inc. (the actual notice sent to consumers can be found here):
Dear [Redacted],
Central Licensing Bureau, Inc. (“CLB”) provides licensing services for insurance companies, agents and corporations nationwide. We are writing to inform you of an incident that involved your personal information. We take the security of your personal information seriously, and want to provide you with information and resources you can use to protect your information.
What Happened and What Information was Involved:
On November 29, 2021, we detected and stopped a sophisticated ransomware attack, in which an unauthorized third party accessed and disabled some of CLB’s computer systems. We immediately engaged a third party forensic firm to assist us with securing the network environment and investigating the extent of any unauthorized activity. This investigation identified a data set that was accessed by the unauthorized party. We then performed an extensive data mining investigation to identify what individuals had sensitive information within this data set, which was completed on June 10, 2022.
We found no evidence that your information has been specifically misused; however, it is possible that the following information could have been accessed by an unauthorized third party: first and last name, address, date of birth, social security number, and, in some cases, driver’s license number. Notably, your medical records and financial account or payment card information were not compromised as a result of this incident.
What We Are Doing:
Data security is one of our highest priorities. Upon detecting this incident we moved quickly to initiate a response, which included conducting an investigation with the assistance of IT specialists and confirming the security of our network environment. We wiped and rebuilt affected systems and have taken steps to bolster our network security. We also reviewed and altered our policies, procedures, and network security software relating to the security of our systems and servers, as well as how we store and manage data.
We value the safety of your personal information and are providing you with access to Single Bureau Credit Monitoring services at no charge. These services provide you with alerts for twelve (12) months from the date of enrollment when changes occur to your credit file. This notification is sent to you the same day that the change or update takes place with the bureau. In addition, we are providing you with proactive fraud assistance to help with any questions that you might have, or in the event your identity is compromised. These services will be provided by Cyberscout through Identity Force, a leading data protection company.
What You Can Do:
To enroll in Credit Monitoring services at no charge, please log on to [Redacted] and follow the instructions provided. When prompted, please provide the following unique code to receive services: [Redacted] Please note the deadline to enroll is October 15, 2022. The enrollment requires an internet connection and email account and may not be available to minors under the age of 18 years of age. Please note that when signing up for monitoring services, you may be asked to verify personal information for your own protection to confirm your identity.
We encourage you to take full advantage of this service offering. Cyberscout representatives have been fully versed on the incident and can answer questions or concerns you may have regarding protection of your personal information. Enclosed you will find additional information regarding the resources available to you, and the steps that you can take to further protect your information.
For More Information:
If you have additional questions, please call our dedicated, toll-free line at 1-888-616-9416, Monday through Friday, 8:00am – 8:00pm Eastern time, excluding holidays. Representatives are available for 90 days.
