Posted On January 24, 2022 Consumer Privacy & Data Breaches
January 24, 2022 – In recent news, the auto dealership chain, Jim Koons Automotive Company, announced the company experienced a data breach affecting more than 114,000 individuals. According to the company’s most recent news release, on June 5, 2021, Jim Koons Automotive Company noticed unauthorized activity on certain company computer systems. As a result, the names, addresses, Social Security numbers, driver’s license numbers, and financial account information of affected consumers were compromised.
A data breach occurs when an unauthorized party—often a hacker or other criminal actor—surreptitiously accesses sensitive consumer information maintained by a company or organization. Often, these parties target organizations they know to have weak data-security measures. While some hackers may personally use the information obtained through a cyberattack to commit identity theft, others sell the data to the highest bidder. Regardless, victims of a data breach are more likely to experience identity theft, although they may not immediately notice any signs of suspicious activity. Given the risks, it is imperative anyone who received a data breach letter from Jim Koons Automotive Company take precautionary steps to protect themselves from the host of risks that data breaches such as this one present.
Anyone impacted by the Jim Koons Automotive Company data breach has good reason to be concerned. In recent years, identity theft crimes have skyrocketed. In many instances, those committing these crimes obtained consumer data through a data breach.
Companies like Jim Koons Automotive Company have an obligation to protect consumer data. If evidence emerges that Jim Koons Automotive Company mishandled your sensitive information leading up to the data breach, you may be eligible for financial compensation through a data breach class action lawsuit.
When you bought a car or applied for a loan through Jim Koons Automotive Company, you provided the company with your personal information. You willingly gave the company information that you normally take care to keep private. In doing so, you trusted that the company would take your privacy seriously. Certainly, you assumed that they would take whatever steps were necessary to prevent your sensitive financial and personal information from ending up in the possession of a potential criminal. However, the recent data breach raises serious questions about the data security measures Jim Koons Automotive Company had in place at the time of the breach.
All businesses have an ethical and legal duty to safely maintain the personal, identifying and financial information of consumers. While developing and implementing a data-security system isn’t cheap, it is a cost of doing business in an environment where hacking and cyberattacks are common. If a company does not take its consumer privacy obligations seriously, it may be liable through a data breach class action lawsuit. Of course, the data breach laws in the United States are complex, and news of this data breach is very recent. Thus, at this point, there is not yet any evidence that Jim Koons Automotive Company was negligent in how it handled consumer data. However, our data breach lawyers are looking into the breach to determine what legal remedies affected parties have against the company.
If you have questions about your ability to bring a class action lawsuit against Jim Koons Automotive Company, it is essential that you contact a data breach attorney as soon as possible.
If you received a data breach letter from Jim Koons Automotive Company, it means your information was among that which was accessible to the unauthorized party. It also means a total stranger may have accessed, viewed, and retained your sensitive personal information. While there is no telling why someone sought your information and what they might do with it, it is important you remain vigilant to protect yourself by taking the following steps:
Jim Koons Automotive Company is one of the largest family-owned car dealerships in the United States. With 28 franchises in 19 locations, Jim Koons Automotive Company employs more than 2,000 people. The company primarily focuses on the Washington, DC area, including Maryland, Virginia and Delaware. Jim Koons Automotive Company dealerships sell new cars from the following manufacturers: Buick, Chevrolet, Chrysler, Dodge, Ford, GMC, Hyundai, Jeep, Kia, Lexus, Mercedes-Benz, Ram, Sprinter, Toyota, and Volvo. Additionally, the company sells certified pre-owned vehicles from all manufacturers.
According to the most recent data breach letter issued by Jim Koons Automotive Company, on June 5, 2021, the company first noticed unusual activity occurring on several of the company’s computer systems. In response, Jim Koons Automotive Company enlisted the help of computer forensic specialists, who confirmed that an unauthorized party gained access to part of the company’s IT network and encrypted network files.
Jim Koons Automotive Company then conducted an in-depth review of all the compromised information. On December 21, 2021, the company determined that data belonging to 114,153 consumers was accessible to the unauthorized party. While the company does not know which consumers’ information was actually accessed, the data the unauthorized party may have had access to includes customers’:
On January 19, 2022, the company sent out data breach notifications to all affected parties, informing them of the breach and what they can do to protect themselves. In its communication to affected consumers, Jim Koons Automotive Company notes that there is no indication that the unauthorized party used or intends to use any of the data obtained.
Below is a copy of the initial data breach letter issued by Jim Koons Automotive Company (a sample of the actual notice sent to consumers can be found here):
The purpose of this letter is to notify you about a recent data incident that may involve some of your information. This notice provides you with information about the incident, our response, and additional steps you may take to protect your information, should you determine it is appropriate to do so.
What Happened? Jim Koons Automotive Company (“Koons”) discovered unusual activity on certain computer systems beginning on June 5, 2021. We promptly took steps to secure the network and, with the assistance of computer forensic specialists, conducted an investigation to determine the nature and scope of the event. The investigation confirmed that an unauthorized actor gained access to a portion of the network and encrypted network files. Given that network locations were accessed without authorization, we undertook a lengthy, time-intensive, and thorough review of the potentially impacted information in order to identify the information that was potentially impacted and to whom it related. We completed this review on or around December 21, 2021, at which time we confirmed the individuals whose information was present. We then worked to reconcile the results of the review with our internal records in furtherance of identifying the individuals to whom the data related and the appropriate contact information for those individuals in order to provide notification to potentially impacted individuals as quickly as possible.
What Information Was Involved? The involved Koons systems contained your name and <<Breached Elements>>. As stated above, Koons is currently unaware of any actual or even attempted misuse of information.
Although we have no evidence of actual or attempted misuse of your information, in an abundance of caution, we are notifying you about the event so that you may take steps to protect your information.
What We Are Doing. We take this incident very seriously. Information privacy and security are among our highest priorities, and we have strict security measures in place to protect information in our care. Upon discovering this incident, we quickly took steps to investigate and respond, including reviewing and enhancing our existing policies and procedures to reduce the likelihood of a similar future event. Koons reported this incident to federal law enforcement and is notifying potentially affected individuals and relevant regulators as required. Moreover, as an added precaution, Koons is offering <<credit monitoring length>> of complimentary access to credit monitoring and identity restoration services to potentially impacted individuals out of an abundance of caution because your information was determined to be present in the systems that may have been accessed during the incident.
What You Can Do. Koons encourages you to remain vigilant against incidents of identity theft and fraud by reviewing your account statements and explanation of benefits and monitoring your free credit reports for suspicious activity. You may also review and consider the information and resources outlined in the below “Steps You Can Take to Help Protect Personal Information” which includes information regarding enrollment for the complimentary credit monitoring and identity restoration services.