Posted On April 21, 2022 Consumer Privacy & Data Breaches
April 21, 2022 – Recently, International Data Corporation (“IDC Research, Inc.”) announced a data breach resulting from an unauthorized party accessing the company’s computer network. On April 18, 2022, IDC Research, Inc. filed official notice of the breach and began sending data breach notification letters to all affected parties.
It is essential those who receive a data breach notification from International Data Corporation understand what is at risk.
The data breach lawyers at Console & Associates, P.C. are actively investigating the International Data Corporation data breach. As a part of our investigation, we are providing free consultations to anyone affected by the breach who is interested in learning more about the risks of identity theft, what they can do to protect themselves, and what their legal options may be to obtain compensation from International Data Corporation.
In 2021, there were 1,862 data breaches affecting more than 189,000,000 individuals. Victims of identity theft spend, on average, 200 hours and more than $1,300 recovering their identity. Many of these victims also suffer credit damage, emotional distress, and may even end up with a criminal record. Taking immediate action is the best way to prevent the worst consequences of a data breach.
According to a recent letter drafted by the company, on February 16, 2022, IDC Research learned that an unauthorized party had gained remote access to portions of its computer network. In response, the company engaged in an internal investigation to learn more about the incident. This investigation revealed that the unauthorized party likely first gained access to the IDC Research network on February 14, 2022. The company also confirmed that the hacker attempted to remove sensitive information belonging to certain individuals.
Upon learning of the extent of the security breach, International Data Corporation then reviewed the affected files to determine what information was compromised. On April 18, 2022, International Data Corporation began sending out data breach notification letters to all individuals whose information was compromised as a result of the recent data security incident.
International Data Corporation is a provider of market intelligence, advisory services, and events for the information technology, telecommunications, and consumer technology sectors. The company was founded in 1964 and currently maintains its headquarters in Needham, Massachusetts. International Data Corporation is a wholly-owned subsidiary of International Data Group, Inc., a technology media, data and marketing company. International Data Corporation employs more than 2,200 people and generates approximately $464 million in annual revenue.
When you allowed IDC Research access to your personal data, you trusted the company to keep your sensitive information safe. However, news of the IDC Research data breach raises some very serious questions about the company’s data security measures and whether the company could have done more to prevent this type of cyber-attack.
Regardless of the industry, all businesses have a legal obligation to protect consumer information in their possession. Although creating and maintaining a data security system is costly, this is a necessary expense given the frequency with which cyberattacks occur.
Consumers whose personal, identifying, financial or healthcare-related data was compromised in a data breach can pursue legal action against a company that misused or mishandled their information. However, the investigation into the International Data Corporation breach is only in its beginning phases. For that reason, it is too early to tell if IDC Research was legally responsible for the breach. However, our data breach attorneys are investigating the International Data Corporation security breach to determine the potential legal remedies of those affected.
If you have questions about your ability to pursue a data breach class action lawsuit against IDC Research, contact a data breach attorney as soon as possible.
If you receive a data breach notification from IDC Research in the coming weeks, it means your personal data was compromised in the recent cyberattack. It also means a cybercriminal may have had access to—and may have stolen—your personal data. Given the risks involved, it is important you remain vigilant by taking the following steps:
At Console & Associates, P.C., our consumer privacy lawyers monitor all security and data breaches to help affected consumers pursue their legal remedies. We offer free consultations to victims of data breaches and can explain your rights in clear, understandable terms so you can make an informed decision about how to proceed with your case. If you’ve been affected by the IDC Research data breach or any other data security incident, Console & Associates, P.C., will investigate your case at no charge and offer you thorough advice about how to most effectively proceed with your case. If you decide to bring a case, we only get paid if you do. If your claim is successful, any legal fees are either paid by the defendant or come out of the funds recovered from the defendant. If your claim doesn’t result in a recovery, you will pay nothing.
Below is a portion of the initial data breach letter issued by International Data Corporation:
We are writing regarding a cybersecurity incident that occurred at IDC Research, Inc. (“IDC”). We want to make clear at the outset that keeping personal data safe and secure is very important to us, and we deeply regret that this incident occurred.
On February 16, 2022, we detected that an unauthorized third party gained remote access to certain portions of IDC’s network in an effort to disrupt our operations. We promptly began to investigate the incident with the support of outside cybersecurity experts. We believe the unauthorized third party first gained remote access to our network on or about February 14, 2022. Based on our investigation, we identified an attempt by the unauthorized third party to acquire some of IDC’s internal company data, which included personal information of certain individuals, including certain of your personal information, but we do not have evidence confirming that this attempt was successful.
WHAT INFORMATION WAS INVOLVED?
The types of personal information that the unauthorized third party may have accessed or obtained included your [REDACTED]. However, IDC currently has no evidence confirming that your information has actually been removed from its system or misused. Targeted online monitoring commissioned by IDC has not revealed any indications that IDC’s data (including personal data belonging to you or other individuals) has been or is potentially going to be published, or has been acquired by another unauthorized third party.
WHAT WE ARE DOING
We took prompt steps to address this incident, including contacting law enforcement and engaging outside cybersecurity experts to help remediate and ensure the ongoing security of our systems. As part of our ongoing efforts to ensure the security of our systems, we have enhanced cybersecurity protections throughout our environment and will continue to improve our security based on what we learn.
In an abundance of caution, we have secured the services of Equifax to provide identity and credit monitoring services at no cost to you for two years. Below please find information on signing up for a complimentary two-year membership to Equifax Complete Premier which helps detect misuse of your personal information and provides you with identity protection focused on identification and resolution of identity theft.