Posted On February 3, 2022 Consumer Privacy & Data Breaches

Data Breach Alert: Pulse TV

February 3, 2022 – Recently, Pulse TV announced that the personal and financial information of approximately 201,000 customers was compromised in a data breach. Our data breach attorneys are investigating this cybersecurity incident to determine if consumers could have the grounds for a data breach class action lawsuit.

What to Know About the Pulse TV Data Breach

The company recently reported that an unauthorized party gained access to certain files on its servers containing information about purchases made by credit card on the company’s website between November 1, 2019, and August 31, 2021. A subsequent investigation revealed that the files may have contained the following information:

• Names
• Addresses
• Email addresses
• Payment card number
• Payment card expiration date
• Card security code (CVV)

According to reports, Pulse TV does not know which individuals’ information was actually accessed and cannot confirm that the unauthorized party retained any of the information.

However, anyone in receipt of a Pulse TV data breach notification letter may now face an increased risk of identity theft and other financial losses. Attorneys are now investigating this recent cybersecurity incident to determine whether the company took the necessary steps to keep your data secure and whether those impacted by the breach can pursue a data breach class action lawsuit.

What Is a Data Breach?

A data breach occurs when a hacker or other unauthorized party secretly gains access to sensitive consumer information stored on a company’s servers through some kind of cyberattack. Once a hacker obtains consumer data, they may use the information to commit identity theft or for other criminal purposes. Sometimes hackers will sell the data they obtain through a cyberattack to the highest bidder.

No one can tell with certainty why a hacker targeted your data in a data breach or what they plan to do with it, but the fact that your sensitive information is in the hands of an unauthorized party puts you at a greater risk of identity theft.

As consumers, we all provide personal data to companies for a variety of reasons. We trust these companies to protect our private data and keep this information secure. Unfortunately, data breaches happen frequently.

Attorneys are investigating data events like this security breach to determine the legal rights of consumers who trusted corporations with their sensitive information. Often, hackers target companies that rely on outdated or otherwise inadequate data-security measures. If it is determined that Pulse TV did, in fact, fail to properly protect consumers’ data in some way, the individuals affected may be eligible to pursue compensation for their financial losses.

What Can You Do After a Data Breach?

If you received a data breach letter from the company that experienced a security incident, it means that an unauthorized person—likely a criminal—may have accessed, viewed, and retained your personal information. While the company cannot know why the third party sought out your information and what they plan to do with it, the situation justifies a certain level of precaution on your part.

Below are a few ways to protect yourself from identity theft and the other possible financial risks that can stem from a data breach:

1. 1. 1. Carefully read the data breach letter to determine what information of yours was accessible;
      2. Make a copy of the letter for your records;
      3. Enroll in the free credit monitoring service provided to you (you will need information contained in the data breach letter to do this);
      4. Change all your passwords and security questions for any online accounts;
      5. Enable two-factor authentication, where it is available;
      6. Regularly review your credit card and bank account statements for any signs of suspicious activity;
      7. Monitor your credit report for any unexpected changes that may be a sign of identity theft;
      8. Contact one of the major credit bureaus to request they add a fraud alert to your profile; and
      9. Notify your banks and credit card companies of the data breach.

To protect and preserve their legal rights, it is highly recommended that individuals who received notice that their data may have been compromised immediately reach out to an experienced data breach attorney.

Data Breach Lawyers Are Investigating This Security Incident and the Potential for a Data Breach Class Action

Companies have an ethical and legal duty to protect consumers’ personal and financial information. While developing and implementing a comprehensive and up-to-date data-security system is costly, this is a necessary cost of doing business in an environment where cyberattacks and data breaches are common.

Data breach laws are complex, and just because your information may have been accessed while in Pulse TV’s care doesn’t necessarily make this company legally responsible. However, if a company fails to take appropriate actions to protect consumers’ sensitive information, it may face liability through a data breach class action lawsuit.

If you received a data breach notification letter, it is important that you not only protect yourself from possible fraud but also preserve your legal rights by speaking to a data breach attorney. Consumer privacy lawyers are undertaking investigations in legal matters involving all types of data breaches, ransomware attacks, and cyberattacks on a no-win, no-fee basis.

Find a copy of the data breach letter here.

Dear [RECIPIENT]:

PulseTV is writing with important information regarding a recent data security incident that involved some of the information we use to process orders, including information potentially related to you. We take this matter very seriously because we know how important this information is to you. We are providing this notice to you as a precautionary measure, to inform you of the incident, and to explain steps that you can take to protect your information.

What Happened

On March 8, 2021, VISA informed us that our website (www.pulsetv.com) was a common point of purchase for some unauthorized credit card transactions and that the website may have a possible compromise. Shortly after that, we conducted malware scans, checked our security settings, and cooperated with VISA’s requests for information. We did not find any ongoing compromise involving customer credit cards, nor were we aware of any customer complaints regarding credit card use on our website prior to hearing from VISA. The next time we heard from VISA was in July 2021. We provided additional information at that time and did not have any follow-up from VISA or any other card brand. A few months later law enforcement contacted us regarding additional payment card compromises that appeared to have originated from our website. We then started working with legal counsel with an expertise in cybersecurity. Legal counsel also hired nationally-recognized cybersecurity experts to assist with the investigation.

On November 18, 2021, our investigator learned that the website had been identified as a common point of purchase for a number of unauthorized credit card transactions for MasterCard. Based upon communications with the card brands, it is believed that only customers who purchased products on the website with a credit card between November 1, 2019 and August 31, 2021 may have been affected. The investigation was unable to verify that the website was the cause of the unauthorized transactions. However, in an abundance of caution, PulseTV is notifying customers, including you, who purchased products on our website during that time period so that they can take steps to protect and secure their credit card information.

What Information Was Involved

The affected information may have included your name, address, email address, payment card number, expiration date, and card security code (CVV) provided during checkout.

What We Are Doing

Because cyber threats are always evolving, we are continuously working to identify and mitigate threats and evaluate our IT security protocols to make sure that sensitive data is protected. In addition, to further improve our website security and help prevent similar occurrences in the future, we have taken, or will be taking, the following steps:

1. 1. Adding two-factor authentication requirements for all internal devices;
   2. Utilizing end-point detection and response tools to provide greater network visibility and threat mitigation; and
   3. Migrating to a different payment system.

We are also working with the payment card networks to keep them informed and cooperating with the ongoing investigation of the incident by law enforcement. Finally, we are providing notice of this incident to appropriate state regulators, consistent with our compliance obligations and responsibilities.

What You Can Do

We recommend that you remain vigilant for incidents of fraud and identity theft by regularly reviewing your account statements and monitoring free credit reports for any unauthorized activity. Information on additional ways to protect your information, including how to obtain a free credit report and a free security freeze, can be found at the end of this letter. You should report any incidents of suspected identity theft to your local law enforcement and state Attorney General.

If you believe your payment card information may have been compromised, we strongly encourage you to contact your payment card company and/or financial institution and request that the card be cancelled.

For More Information

Please accept our apologies that this incident occurred. The privacy and security of your information is very important to us and we remain committed to maintaining the confidentiality of your information. If you have any further questions, please contact us at 1-855-618-3212, Monday through Friday, 9:00a.m. to 6:30p.m., Eastern Time (excluding some U.S. holidays).