Posted On January 31, 2022 Consumer Privacy & Data Breaches
January 31, 2022 – Data breaches and other cybersecurity concerns continue to be a hot topic, as the number of reported data security incidents continues to grow with each new week. One of the most recent data breaches involves Fluid Components International, LLC, a manufacturing company based out of San Marcos, California.
According to Fluid Components International (“FCI”), the company learned that it was the victim of a cyber-attack on November 9, 2021, when it first noticed suspicious activity on its computer network. In response, Fluid Components International conducted an internal investigation into the incident. While this investigation is not yet complete, FCI confirmed that a hacker may have gained access to sensitive employee information stored on the company’s servers. This data includes affected employees’ full names, Social Security numbers, driver’s license numbers, state-issued identification numbers, health insurance information, credit or debit card information, medical information, usernames and passwords, and other personal information.
Cyberattacks such as the Fluid Components International data breach are increasingly common and raise significant concerns for consumers as well as employees. In many cases, a cybersecurity incident such as this one is the result of a person hacking into secure company computers to view, and possibly steal, employee information. While a hacker’s intentions are unknown, and no one knows why Fluid Components International was targeted in the recent cyberattack, it is not uncommon for cybercriminals to identify companies that have inadequate data security systems.
Once a hacker breaches a computer network, they can then access and remove sensitive data from the compromised network. While companies can often tell which files were accessible, they may not be able to confirm which of the compromised files were actually viewed by the unauthorized party or whether that party removed any of the data contained in those files.
The fact that your information was leaked in the Fluid Components International data security incident does not necessarily mean a cybercriminal will steal your identity or otherwise use it for illegal purposes. However, it is a possibility that should not be ruled out.
Given the risks that network intrusions like this one pose, those who receive an FCI data breach notification letter should treat the situation with the seriousness it deserves.
When you decided to work for Fluid Components International, you voluntarily gave the company access to your personal information. In doing so, you also trusted the company to keep your information secure. Certainly, anyone in your shoes would assume that their employer would safeguard their information. However, news of the Fluid Components International data breach raises some questions about the company’s data security measures and whether it could have been done to prevent the breach.
Employers have an ethical and legal obligation to ensure sensitive employee information in their possession remains private. While developing a system to protect employee data from cyber threats comes at a high cost, this is a necessary expense for businesses operating in an environment where cyberattacks, network intrusions and other data security events are common.
The U.S. consumer privacy laws allow consumers and employees to pursue data breach lawsuits against companies that misuse or mishandle their data. However, because the Fluid Components International data breach is very recent, and details about the incident are still emerging, there is currently no evidence indicating Fluid Components International was responsible for the breach. However, this could change. Our data breach attorneys are investigating the Fluid Components International data security incident and its potential causes to determine what legal remedies, if any, employees of Fluid Components International may have against the company.
If you have questions about your ability to bring a data breach class action lawsuit against Fluid Components International, you should contact a data breach lawyer as soon as possible.
If you receive a data breach notification letter from Fluid Components International, your data was among that which was compromised. This means that cybercriminals may have accessed, viewed, and stolen your personal data. While it is possible that no harm may come of this event, unfortunately, you won’t know that to be the case until it’s too late. Thus, it is very important you remain vigilant by taking the following steps:
Fluid Components International, Inc. (“FCI) is a manufacturing company headquarters in San Marcos, California. in Concord, California. More specifically, the company designs and manufactures thermal mass flow meters, flow switches and level switches for industrial process measurement applications. In Plain English, the company develops and creates equipment that enables other manufacturers to accurately measure variables such as temperature, pressure and flow. FCI customers include businesses in the following industries: aerospace, chemical, oil and gas, water and wastewater, power and energy, pharmaceutical, pulp and paper, nuclear power, and others. FCI was founded in 1964 in Canoga Park, California, and relocated to San Marcos in 1980.
The Fluid Components data breach was first discovered on November 9, 2021, when the company became aware of suspicious activity on its computer network. Quickly thereafter, FCI determined that it was the victim of a cyberattack. In response, the company launched an investigation to determine the nature and extent of the breach. The FCI data breach investigation is ongoing. However, the company confirmed certain consumer information may have been viewed or copied by an unauthorized party between September 17, 2021 and November 8, 2021.
On December 9, 2021, FCI discovered that, as a result of the hacking incident, sensitive consumer information was compromised. The information that was accessible to the hacker includes consumers’:
Below is a copy of the initial data breach letter issued by Fluid Components International (a sample of the actual notice sent to consumers can be found here):
Dear [Consumer],
Fluid Components International, LLC (“FCI”) is writing to make you aware of a recent incident that may affect the security of some of your information. This notice provides you with information about the incident, our response, and steps you may take to better protect your information, should you feel it is appropriate to do so.
What Happened?
On November 9, 2021, we became aware of suspicious activity within our IT environment. We promptly took steps to assess the activity and determined that FCI was the target of a cyber-attack that was impacting certain systems. Since that time, FCI has been working diligently, with the assistance of third-party forensic investigators, to confirm the nature and scope of the activity and restore the function and security of FCI’s environment. While the forensic investigation into this incident is active and ongoing, to date, we have determined that certain information may have been viewed on or copied from our system without authorization as part of the cyber-attack, which occurred between September 17, 2021 and November 8, 2021. We began a thorough review of the data that was potentially viewed or affected to determine whether it contained any sensitive information and identify affected individuals. While our efforts to determine what information may be affected by this incident are still ongoing, beginning on or about December 9, 2021, we identified certain personal information in the potentially affected data and we have begun taking steps to notify individuals whose data might be involved.
What Information Was Involved?
The investigation and review of the involved FCI systems and files are ongoing. The information that may be affected includes data that FCI holds in relation to its employees and may vary by person. To date, we have identified that this includes name and Social Security number in some instances. It may also include other HR related data, such as financial account information, credit or debit card information, federal, state or driver’s license identification numbers, health insurance information, medical information, usernames and passwords, or other personal information. FCI is providing individuals with information on how to protect against potential misuse of such information and encourages individuals to review this information and take any steps they view as appropriate.
What We Are Doing.
We take this event and the security of personal information in our care very seriously. We have security measures in place to protect the data on our systems and we continue to assess and update security measures and training to our employees to safeguard the privacy and security of information in our care. We have reported this incident to law enforcement, and we are also notifying regulatory authorities, as required by law.
As an added precaution, we are also offering you access to two (2) years of credit monitoring and identity monitoring services through Experian at no cost to you. These services include credit monitoring, fraud consultation, and identity theft restoration. If you wish to activate Experian’s identity monitoring services, you may follow the instructions included in the “Steps You Can Take to Protect Your Information.”
