Posted On January 24, 2022 Consumer Privacy & Data Breaches
January 24, 2022 – Recently, StarTek, Inc. announced that the company experienced a data security event involving an unauthorized party gaining access to the company’s computer systems and removing certain data. According to a company news release, on June 26, 2021, StarTek, Inc. experienced a “network disruption.” After conducting a follow-up investigation, the company learned that an unauthorized party unknown actor gained access to and obtained data from the StarTek network without authorization. This information included the first names, last names, Social Security numbers, and dates of birth of the affected parties.
A data breach can occur in a number of ways. However, most often, they are the result of a hacker or other criminal actor breaching a company’s security system and accessing sensitive consumer information that is being stored on the company’s servers. Often, cybercriminals target those companies they know to employ weak or outdated data-security technology. Once a hacker successfully obtains consumer data, they may use that information to commit identity theft or to generate immediate profit by selling the data to the highest bidder.
Those affected by a data breach are significantly more likely to fall victim to identity theft or other potentially serious crimes. In fact, since 2020, identity theft crimes have become much more common. In many instances, identity thieves obtain the data they need to commit these crimes through a data breach. Given the risks, it is essential that anyone who received a data breach letter from StarTek, Inc. take the steps necessary to protect themselves from the risks that data breaches such as this one present.
Companies like StarTek, Inc. have a duty to protect your sensitive consumer data. Thus, if evidence emerges that StarTek, Inc. did not ensure adequate system security leading up to the data breach, you may be eligible for financial compensation through a data breach class action lawsuit.
When you provided StarTek, Inc. with your personal information, you trusted that the company would take your privacy seriously. Certainly, anyone in your position would assume that StarTek, Inc. would ensure the safety of their financial and personal information and take whatever steps were necessary to prevent the data from ending up in the possession of a potential criminal. However, news of the StarTek, Inc. data breach raises serious questions about the company’s data security measures in place at the time of the breach and, potentially, the company’s commitment to consumer privacy.
All businesses that obtain and store consumer data have an ethical and legal obligation to ensure it remains private. Of course, developing and maintaining a data-security system is an additional expense; however, it is also a necessary cost of doing business in an environment where hacking and cyberattacks are common.
If a business fails to protect consumers’ privacy, it may be liable through a data breach class action lawsuit. Of course, United States data breach laws are complex, and news of this data breach is very recent. As a result, at this time, there is no evidence that StarTek, Inc. was negligent in how it maintained consumer data or that its security systems were inadequate. However, our data breach lawyers are looking into the breach to determine what legal remedies affected consumers may have against StarTek, Inc.
If you have questions about your ability to bring a class action lawsuit against StarTek, Inc., it is essential that you contact a data breach attorney as soon as possible.
If you received a data breach letter from StarTek, Inc., you were among those whose personal data was compromised in the recent data breach. It also means a total stranger may have accessed, viewed, and retained your sensitive personal information. While no one can know with any certainty why a hacker wanted your information or what they intend to do with it, it is essential you protect yourself and your financial accounts by taking the following steps:
StarTek, Inc. is a customer experience (CX) business that helps other businesses manage the various interactions they have with customers. StarTek focuses on developing positive relationships and goodwill on behalf of the company’s corporate clients. For example, StarTek, Inc. helps companies manage their social media strategies, working to ensure a positive and consistent image is conveyed. StarTek, Inc. is a publicly-traded company on the New York Stock Exchange under the ticker “SRT.” According to the company’s most recently filed financial statements, Starek, Inc. generated revenue of over $640 million in 2020.
According to the most recent data breach letter issued by StarTek, Inc., on June 26, 2021, the company experienced what the company characterizes as a “network disruption.” After investigating the incident, the company determined that an unknown party gained access to and obtained data from the StarTek network without authorization.
On December 23, 2021, StarTek, Inc. subsequently determined that the breach exposed the personal information of 24,819 customers and employees. This information included affected parties’ first names, last names, Social Security numbers and dates of birth.
Around January 21, 2022, StarTek, Inc. sent out written data breach notifications to all affected customers and employees, informing them of the breach and what they can do to protect themselves. In this communication, StarTek, Inc. explained that there is no indication that the unauthorized party used or intends to use any of the data obtained. However, the company acknowledged the risks involved and encouraged those impacted by the breach to keep a lookout for signs of identity theft.
Below is a copy of the initial data breach letter issued by StarTek, Inc. (the actual notice sent to consumers can be found here):
I am writing to inform you of a data security incident that may have affected your personal information. At StarTek, we take the privacy and security of personal information very seriously. We are contacting you to notify you that this incident occurred and inform you about steps you can take to ensure your information is protected, including enrolling in the complimentary identity protection services we are making available to you.
What Happened? On June 26, 2021, StarTek learned of unusual activity occurring on its network. Upon discovering this activity, StarTek immediately took steps to secure its technological environment and began an internal investigation with the help of cybersecurity experts. Our investigation identified that an unauthorized individual gained access to and acquired some documents from StarTek’s environment. At this point, StarTek did not know if these documents contained any personal information. StarTek undertook a thorough review of this subset of files and determined that some of your personal information was found in these documents. We are not aware of the misuse of any personal information that may have been involved in this incident. Out of an abundance of caution, we are offering free credit monitoring services.
What Information Was Involved? The potentially affected information may have included your [________].
What Are We Doing? As soon as we discovered this incident, we took the steps described above. In addition, we are providing you with information about steps you can take to help protect your personal information and, out of an abundance of caution, we are offering you credit monitoring and identity theft restoration services at no cost to you through Experian. With this protection, Experian will help you resolve issues if your identity is compromised.
What Can You Do? We recommend that you review the guidance included with this letter about how to help protect your information. We encourage you to contact Experian with any questions and to enroll in free identity protection services.
If you believe there was fraudulent use of your information as a result of this incident and would like to discuss how you may be able to resolve those issues, please reach out to an Experian agent. If, after discussing your situation with an agent, it is determined that identity restoration support is needed then an Experian Identity Restoration agent is available to work with you to investigate and resolve each incident of fraud that occurred from the date of the incident (including, as appropriate, helping you with contacting credit grantors to dispute charges and close accounts; assisting you in placing a freeze on your credit file with the three major credit bureaus; and assisting you with contacting government agencies to help restore your identity to its proper condition).
Please note that Identity Restoration is available to you for 12 months from the date of this letter and does not require any action on your part at this time. The Terms and Conditions for this offer are located at www.ExperianIDWorks.com/restoration.