Posted On May 26, 2022 Consumer Privacy & Data Breaches

Data Breach Alert: Inglis Foundation

May 26, 2022 – Inglis Foundation reported a data breach after the company was targeted in a recent cybersecurity attack. As a result of the breach, the names, Social Security numbers, dates of birth, addresses, bank account information and health information of certain individuals was compromised. On May 20, 2022, Inglis Foundation sent out data breach letters to those individuals whose information was affected by the breach.

The data breach lawyers at Console & Associates, P.C. are going to begin interviewing victims of the breach to determine what damages they sustained and what legal claims may be available to them. If you recently received a NOTICE OF DATA BREACH from Inglis Foundation, contact us at (866) 778-5500 to discuss your legal options, or submit a confidential contact form, for a free case evaluation.

Below is a portion of the letter that Inglis Foundation sent to individuals affected by the data breach:

Dear [Consumer],

At Inglis, we value transparency and respect the privacy of your information, which is why we are writing to let you know about a cyber‐attack that may involve your personal information, what we have already done in response, what we are continuing to do, and steps you can take to proactively protect your personal information.

What Happened

On April 17, 2022, Inglis learned that we were the victim of a cyber‐attack. Unfortunately, we are one of the thousands of organizations, both large and small, experiencing these types of incidents. Once we found out, we quickly took steps to secure and safely restore our systems and operations. Further, we immediately engaged third‐party forensic and incident response experts to conduct a thorough investigation of the incident’s nature and scope and assist in the remediation efforts. We also contacted the FBI to inform them of the incident, filed a report, and sought further guidance. On April 26, 2022, we determined that the incident involved the acquisition of personal identifiable information. It took time for us to investigate, ascertain what was affected, and to verify our findings. As of May 2, 2022, to the best of our knowledge and ability, we have confirmed the deletion of the impacted information.

Our investigation into the cause of the incident is ongoing, but based on our initial review, we discovered that your personal information may have been included in the incident. However, as of now, we have no evidence indicating any of your information has been used for identity theft or financial fraud.

What Information Was Involved

The personal information potentially involved may include your first and last name, date of birth, address, Social Security Number, financial information (i.e., bank account information), medical insurance information, and/or health information (to the extent that this was previously provided to Inglis).

What We Are Doing

The security and privacy of the information contained within our systems is a top priority for us. In response to this incident, we are implementing additional safeguards to our existing cybersecurity infrastructure and enhancing our employee cybersecurity training.

As a continuation of our existing commitment on this critical issue, we are working with cybersecurity experts to improve our cybersecurity policies, procedures, and protocols to help minimize the likelihood of this type of incident occurring again.

Also, we are providing you with access to Single Bureau Credit Monitoring * services at no charge. These services provide you with alerts for twelve (12) months from the date of enrollment when changes occur to your credit file. This notification is sent to you the same day that the change or update takes place with the bureau. In addition, we are providing you with proactive fraud assistance to help with any questions that you might have or in the event that you become a victim of fraud. These services will be provided by Cyberscout, a TransUnion company specializing in fraud assistance and remediation services.

[. . .]

For More Information

We sincerely regret this incident occurred and for any concern it may cause. We understand that you may have questions about it beyond what is covered in this letter. If you have any additional questions, please contact the external, dedicated call center we set up at [REDACTED] from 8:00 am to 8:00 pm Eastern time, Monday through Friday (except holidays). Representatives will be available for 90 days.

You may also contact [REDACTED], or by email at [REDACTED].

I want you to know how upset we all are that this has happened. That even with every effort to build out the strong protections for our data, and the training we provide to keep everyone’s information safe, it is so frustrating and unsettling that something like this can happen, especially to an organization whose sole purpose is the support of others. Please know we are all in this together and we will get through it together.