Posted On May 27, 2022 Consumer Privacy & Data Breaches
May 27, 2022 – PAR, Inc. reported a data breach after the company was targeted in a recent cybersecurity attack. As a result of the breach, the names, addresses, and Social Security numbers of certain individuals was compromised. On May 19, 2022, PAR sent out data breach letters to those individuals whose information was affected by the breach.
The data breach lawyers at Console & Associates, P.C. are going to begin interviewing victims of the breach to determine what damages they sustained and what legal claims may be available to them. If you recently received a NOTICE OF DATA BREACH from PAR, Inc., contact us at (866) 778-5500 to discuss your legal options, or submit a confidential contact form for a free case evaluation.
Below is a portion of the letter that PAR, Inc. sent to individuals affected by the data breach:
Re: NOTICE OF DATA INCIDENT
Dear <<first_name>> <<middle_name>> <<last_name>> <<suffix>>,
Out of an abundance of caution, PAR, Inc. (“PAR”), is writing to inform you of a data security incident that may have resulted in an unauthorized access of your personal information. PAR sincerely apologizes for this incident and any problems it may cause you. While we are unaware of any fraudulent misuse of your personal information at this time, we are providing you with details about the events, steps that PAR is taking in response, and resources available to help you protect against the potential misuse of your information.
Why Do We Have Your Information?
PAR has your information because we have or had a business relationship with you that required issuance of tax reporting to the Internal Revenue Service.
PAR recently discovered that an unauthorized user gained access to its corporate computer systems that store historical information related to financial transactions we have conducted with you in the past. In 2021, PAR migrated to a new ERP system which runs our finance and operations transactions. However, a legacy database file that contains your name, address, and social security number was stored in an archive location on our corporate network. PAR recently discovered that an unauthorized user gained access to this network file location. This unauthorized access occurred on or about March 21, 2022 (the “Incident”). PAR terminated the unauthorized access, and promptly commenced an internal investigation to determine the nature and scope of the Incident. The investigation involved hiring an outside information security company that conducted an extensive forensic investigation. To date, there is no evidence that anyone’s personal information has been obtained, leaked, or otherwise compromised. However, PAR has decided to notify any individual whose data was stored in the compromised system out of an abundance of caution. In addition, PAR is offering complimentary identity monitoring services to help protect you from the potential misuse of your personal information.
What Information Was Involved?
The personal information that may have been accessed by an unauthorized actor includes your name, address, and Social Security number. No other personally identifiable information (“PII”) was stored on the potentially compromised system.
Please note that PAR has received no indication that your information has been used by the unauthorized actor or by any unauthorized party to commit fraud. PAR is providing notice to you out of an abundance of caution.
What We Are Doing?
PAR values the privacy of your information and will continue to do everything it can to protect it. PAR has implemented additional security procedures to prevent unauthorized system access and your personal information has been removed from our legacy ERP database.
To help relieve concerns and restore confidence following this incident, we have secured the services of Kroll to provide identity monitoring at no cost to you for one year. Kroll is a global leader in risk mitigation and response, and their team has extensive experience helping people who have sustained an unintentional exposure of confidential data. Your identity monitoring services include Credit Monitoring, Web Watcher, $1 Million Identity Fraud Loss Reimbursement, Fraud Consultation, and Identity Theft Restoration.
Additional information describing your services is included with this letter.
What You Can Do
You may activate the identity monitoring services we are making available to you. Once again, PAR is making these services available to you at no cost; however, you will need to activate these services yourself. The deadline to activate is <<b2b_text_6(activation deadline)>>. PAR would like to reiterate that, at this time, there is no evidence that your information was misused. However, PAR encourages you to take full advantage of the services offered.
Enclosed with this letter you will find additional information regarding the resources available to you, and the steps that you can take to further protect your personal information. PAR encourages you to activate the services offered and to remain vigilant against incidents of identity theft and fraud. Such vigilance includes reviewing account statements and credit reports for suspicious activity. Individuals are encouraged to report any suspicious activity to the affiliated institutions immediately.
For More Information:
The protection of your information is a top priority, and PAR, Inc. sincerely regrets any concern or problem that this matter may cause. If you have any questions, please do not hesitate to call Travis or Donna at 813-968-3003. PAR values our relationship with you and we vow to do everything we can to help protect the security and privacy of your personal information in the future.