Posted On October 3, 2022 Consumer Privacy & Data Breaches
On September 28, 2022, focusIT, Inc. filed notice of a data breach with the Attorney General of Montana after an unauthorized party gained access to the company’s computer network. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, Social Security numbers, addresses and dates of birth. After confirming that consumer data was leaked, focusIT began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.
If you received a data breach notification, it is essential you understand what is at risk. The data breach lawyers at Console & Associates, P.C. are actively investigating the focusIT data breach on behalf of people whose information was exposed. As a part of this investigation, we are providing free consultations to anyone affected by the breach who is interested in learning more about the risks of identity theft, what they can do to protect themselves, and what their legal options may be to obtain compensation from focusIT, Inc.
The available information regarding the focusIT breach comes from the company’s filing with the Attorney General of Montana, as well as other state Attorney General offices. According to these sources, on August 2, 2022, focusIT was contacted by the Texas Financial Crimes Intelligence Center based on concerns that “an unknown threat actor potentially compromised a third party system in the focusIT environment.”
In response, focusIT contained the incident and cooperated with the law enforcement investigation. The company also conduct an internal investigation, confirming that consumer data in focusIT’s possession was available to an unauthorized party.
Upon discovering that sensitive consumer data was made available to an unauthorized party, focusIT began to review the affected files to determine what information was compromised and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, Social Security number, date of birth and address.
On September 28, 2022, focusIT sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
focusIT, Inc. is a business services company based in Scottsdale, Arizona. The company provides a range of services to mortgage lenders designed to make the process smoother and, in turn, more profitable. The company’s products, Pulse, Hosted PointCentral, and SecureShare. focusIT employs approximately 25 people and generates approximately $6 million in annual revenue.
Last year, over 320 million people fell victim to one or more data breaches. While the methods that hackers use to orchestrate these attacks vary, the end result is the same: sensitive consumer information ends up in the hands of those who intend to use it for illegal purposes, such as identity theft. Given that data breaches are becoming more and more common, and the fact that hackers are becoming more adept at carrying out crimes of fraud against victims, it is essential that you know what to do in the event your information is leaked in a data breach.
The biggest risk data breaches pose is that a hacker uses your personal information to steal your identity or sells your information on the dark web to another criminal. What the hacker then does with the information can vary from financial identity theft to healthcare ID theft, depending on the compromised data. Of course, there is nothing you can do to prevent a data breach in the first place; however, there are some important steps you can take to reduce the chances of falling victim to identity theft or other frauds after receiving a data breach letter.
After receiving a data breach letter, the first thing to do is to carefully read the letter to determine what information was accessible to potential criminals. Depending on the type of data that was compromised will inform your response and you may want to take additional steps to protect yourself. So, while the steps below apply to all data breaches, they are not an exhaustive list. This is especially the case if a breach involves highly sensitive information such as your financial account numbers or Social Security number.
Hackers usually try to use any stolen data as soon as they can. This is because they don’t want to give you the chance to close your account. Thus, many people notice fraudulent activity shortly after a breach. However, it may take some time for criminals to obtain other information they need to steal your identity or commit other types of fraud. Thus, it is imperative that you diligently check your online bank and credit card accounts, as well as your credit report. This includes checking accounts that were not compromised in the breach.
Credit monitoring is a fee-based service that helps keep you on notice when anyone tries to access your credit. Typically credit monitoring costs between $20 and $40 per month. However, companies typically offer victims free credit monitoring for a period of time—usually between one to two years. Indeed, focusIT indicates that it will be providing victims of the breach with this service for a period of 12 months. It is always a good idea to sign up for free credit monitoring because it can alert you to potential fraud. Additionally, there is no risk to signing up for free credit monitoring because doing so doesn’t impact your rights to bring a data breach lawsuit against a company that negligently leaked your information.
Upon request, all three of the major credit bureaus will put a fraud alert or credit freeze on your credit account. A fraud alert notifies potential creditors that you have reason to believe someone may try to illegally open an account in your name, putting them on notice that the person claiming to be you may be an imposter. A credit freeze takes this protection a step further by preventing anyone from pulling your credit without your advance approval. The Identity Theft Resource Center has repeatedly explained that placing a credit freeze on your credit account is the single best way to prevent fraud after a data breach. However, just three percent of data breach victims seek this level of protection.
At Console & Associates, P.C., our consumer privacy lawyers monitor all security and data breaches to help affected consumers pursue their legal remedies. We offer free consultations to victims of data breaches and can explain your rights in clear, understandable terms so you can make an informed decision about how to proceed with your case. If you’ve been affected by the focusIT data breach or any other data security incident, Console & Associates, P.C., will investigate your case at no charge and offer you thorough advice about how to most effectively proceed with your case. If you decide to bring a case, we only get paid if you do. If your claim is successful, any legal fees are either paid by the defendant or come out of the funds recovered from the defendant. If your claim doesn’t result in a recovery, you will pay nothing.
To schedule your free consultation, just call (866) 778-5500 today or fill out our secure contact form.
Below is a copy of the initial data breach letter issued by focusIT, Inc. (the actual notice sent to consumers can be found here):
Dear [Redacted],
We write to inform you of a recent incident that may have involved personal information about you.
WHAT HAPPENED? On August 2, 2022, focusIT, Inc., a third-party vendor of [REDACTED], who facilitates Residential Mortgage application processing, was notified by the Texas Financial Crimes Intelligence Center that unknown threat actor(s) potentially compromised a third party system in the focusIT environment. This compromise resulted in your personal information potentially being accessed by unknown threat actors. This incident was swiftly investigated and contained.
WHAT INFORMATION WAS INVOLVED? Personal information of applicants or account holders including your name, date of birth, address, and Social Security number.
WHAT WE ARE DOING. As a victim of this crime, we are working with the appropriate law enforcement and regulatory officials including the FBI. Please know that protecting your personal information is something that we take very seriously. We apologize for both this unfortunate incident and any inconvenience it may cause you. We are providing notice and offering free credit monitoring services to certain individuals based on the personal information that was potentially exposed. If you believe your personal information was affected, please contact us so that we may pursue our investigation to the fullest extent of the law.
WHAT YOU CAN DO. The Federal Trade Commission (FTC) recommends that you remain vigilant by checking your credit reports periodically. Checking your credit reports can help you spot problems and address them quickly. You can also order free copies of your annual reports through www.annualcreditreport.com. You should monitor your financial accounts for any suspicious activity. For more information about steps you can take to reduce the likelihood of identity theft or fraud, call 1-877-ID-THEFT (877-438-4338), visit the FTC’s website at [Redacted], or write to: Federal Trade Commission, 600 Pennsylvania Avenue, NW, Washington, DC 20580. However, if you believe you are the victim of identity theft, you should immediately contact your local law enforcement agency, your state’s attorney general, or the FTC. In addition, the National Cyber Security Alliance offers tips to protect yourself online at: [Redacted].
We have arranged for you to receive free credit monitoring services to help you protect your identity and credit information. (See enclosed instructions.) If you choose to enroll, you will receive communications detailing any key changes to your credit reports. Your coverage will last for 1 year from the date of enrollment.
