Posted On February 3, 2022 Consumer Privacy & Data Breaches
February 3, 2022 – Recently, DNA Diagnostics Center, Inc. announced that the personal, identifying, and financial information of approximately 2,102,436 individuals was compromised in a data breach. Our data breach attorneys are investigating this cybersecurity incident to determine if consumers could have the grounds for a data breach class action lawsuit.
The company recently reported that, between May 24, 2021, and July 28, 2021, an unauthorized party gained access to certain files on its servers. A subsequent investigation revealed that the files may have contained the following information:
According to reports, DNA Diagnostics Center, Inc. does not know which individuals’ information was actually accessed and cannot confirm that the unauthorized party retained any of the information.
However, anyone in receipt of a DNA Diagnostics Center, Inc. data breach notification letter may now face an increased risk of identity theft and other financial losses. Attorneys are now investigating this recent cybersecurity incident to determine whether the company took the necessary steps to keep your data secure and whether those impacted by the breach can pursue a data breach class action lawsuit.
A data breach occurs when a hacker or other unauthorized party secretly gains access to sensitive consumer information stored on a company’s servers through some kind of cyberattack. Once a hacker obtains consumer data, they may use the information to commit identity theft or for other criminal purposes. Sometimes hackers will sell the data they obtain through a cyberattack to the highest bidder.
No one can tell with certainty why a hacker targeted your data in a data breach or what they plan to do with it, but the fact that your sensitive information is in the hands of an unauthorized party puts you at a greater risk of identity theft.
As consumers, we all provide personal data to companies for a variety of reasons. We trust these companies to protect our private data and keep this information secure. Unfortunately, data breaches happen frequently.
Attorneys are investigating data events like this security breach to determine the legal rights of consumers who trusted corporations with their sensitive information. Often, hackers target companies that rely on outdated or otherwise inadequate data-security measures. If it is determined that DNA Diagnostics Center, Inc. did, in fact, fail to properly protect consumers’ data in some way, the individuals affected may be eligible to pursue compensation for their financial losses.
If you received a data breach letter from the company that experienced a security incident, it means that an unauthorized person—likely a criminal—may have accessed, viewed, and retained your personal information. While the company cannot know why the third party sought out your information and what they plan to do with it, the situation justifies a certain level of precaution on your part.
Below are a few ways to protect yourself from identity theft and the other possible financial risks that can stem from a data breach:
To protect and preserve their legal rights, it is highly recommended that individuals who received notice that their data may have been compromised immediately reach out to an experienced data breach attorney.
Companies have an ethical and legal duty to protect consumers’ personal, identifying, and financial information. While developing and implementing a comprehensive and up-to-date data-security system is costly, this is a necessary cost of doing business in an environment where cyberattacks and data breaches are common.
Data breach laws are complex, and just because your information may have been accessed while in DNA Diagnostics Center, Inc.’s care doesn’t necessarily make this company legally responsible. However, if a company fails to take appropriate actions to protect consumers’ sensitive information, it may face liability through a data breach class action lawsuit.
If you received a data breach notification letter, it is important that you not only protect yourself from possible fraud but also preserve your legal rights by speaking to a data breach attorney. Consumer privacy lawyers are undertaking investigations in legal matters involving all types of data breaches, ransomware attacks, and cyberattacks on a no-win, no-fee basis.
Find a copy of the DDC online data breach notification here. Below is a portion of the notification as of February 3, 2022.
Data Security Incident Information Center – DDC
We will keep this page updated with actions we are taking, including free credit monitoring and identity theft protection services for those whose personal information was potentially accessed.
What happened?
On August 6, 2021, DNA Diagnostics Center, Inc. (DDC) detected potential unauthorized access to its network, during which there was unauthorized access and acquisition of an archived database that contained personal information collected between 2004 and 2012. The impacted database was associated with a national genetic testing organization system that DDC acquired in 2012. This system has never been used in DDC’s operations and has not been active since 2012.
Therefore, impacts from this incident are not associated with DDC. However, impacted individuals may have had their information, such as Social Security number or payment information, impacted as a result.
Upon learning of this issue, DDC proactively contained and secured the threat and executed a prompt and thorough investigation in consultation with third-party cybersecurity professionals. DDC has also coordinated closely with law enforcement following the discovery of this incident. Our investigation determined that the unauthorized individual(s) potentially removed certain files and folders from portions of our database between May 24, 2021 and July 28, 2021. DDC has been and remains fully operational, and the systems and databases that are actively used by DDC were not infiltrated.
The in-depth investigation concluded on October 29, 2021, and DDC has begun notifying individuals potentially affected by this incident.
How will you know if you were impacted?
If you know you have received a relationship test from DDC directly, this incident did not affect that test, as the information was acquired from an archived system that was never used by DDC.
Individuals whose personal information was potentially accessed are being notified in accordance with state regulations, and out of an abundance of caution to protect against identity fraud, DDC is providing a complimentary membership of Experian credit monitoring to eligible individuals.
If you received a relationship test as a part of court proceedings or independent, individual testing between 2004 and 2012 but have not received a mailed letter from DDC regarding this incident, please contact 1-855-604- 1656 as you may be eligible for complimentary credit monitoring services through Experian.
What is DDC doing?
DDC has taken steps, in coordination with its third-party cybersecurity experts, to regain possession of this personal information and ensure its safekeeping. DDC is not aware of any reports of identity fraud or improper use of the information.
Additionally, out of an abundance of caution, we are offering free credit monitoring for impacted individuals to protect against identity fraud – see below for more information. Ensuring the safety and security of the personal information entrusted to us remains our primary responsibility, and we will continue to work with third-party experts to harden our cybersecurity defenses.
If you have any further questions regarding this incident, please call our dedicated and confidential toll-free response line that we have set up to respond to questions at 1-855-604-1656 The response line is available Monday through Friday 9:00 AM to 9:00 PM, Eastern Standard Time, excluding U.S. Holidays.
