Posted On August 2, 2022 Consumer Privacy & Data Breaches
August 2, 2022 – On July 7, 2002, The North Highland Company, LLC reported a data breach stemming from a ransomware attack resulting in the sensitive information of current and former employees being compromised. Based on an official filing from the company, the incident resulted in an unauthorized party gaining access to a wealth of employee data, including names, Social Security numbers, addresses, bank account numbers, payroll information, personal phone and email addresses, dates of birth, background check information, employment screening information and health-related information. North Highland also recently began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.
If you received a data breach notification, it is essential you understand what is at risk. The data breach lawyers at Console & Associates, P.C. are actively investigating the North Highland data breach on behalf of people whose information was exposed. As a part of this investigation, we are providing free consultations to anyone affected by the breach who is interested in learning more about the risks of identity theft, what they can do to protect themselves, and what their legal options may be to obtain compensation from The North Highland Company, LLC.
According to official notice filed by the company, on June 6, 2022, North Highland learned that it had been targeted in a ransomware attack. In response, the company initiated an investigation into the incident with the assistance of multiple third-party data security experts.
On June 28, 2022, the company’s investigation confirmed that certain files containing personal information belonging to current and former employees had been removed from North Highland’s computer system by the attackers.
Upon discovering that sensitive employee data was stolen by the hackers, The North Highland Company then reviewed the affected files to determine what information was compromised and which employees were affected. While the breached information varies depending on the individual, it may include your name, Social Security number, identity number, tax number, address, bank account number and other payroll information, personal phone and email addresses, date of birth, benefits information, background check and employment screening information, performance related records, health-related information you may have provided to North Highland, and other employment-related information.
On July 7, 2022, The North Highland Company sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
More Information About The North Highland Company, LLC
The North Highland Company, LLC is a management consulting firm based in Atlanta, Georgia. The company provides supply chain and distribution consulting services, as well as IT solutions and services to businesses across varying industries, including energy and utilities, healthcare, financial services, hospitality and leisure, life sciences, retail and consumer products, and transportation. The North Highland Company employs more than 5,000 people and generates approximately $1 million in annual revenue.
At Console & Associates, P.C., our consumer privacy lawyers monitor all security and data breaches to help affected consumers pursue their legal remedies. We offer free consultations to victims of data breaches and can explain your rights in clear, understandable terms so you can make an informed decision about how to proceed with your case. If you’ve been affected by the North Highland data breach or any other data security incident, Console & Associates, P.C., will investigate your case at no charge and offer you thorough advice about how to most effectively proceed with your case. If you decide to bring a case, we only get paid if you do. If your claim is successful, any legal fees are either paid by the defendant or come out of the funds recovered from the defendant. If your claim doesn’t result in a recovery, you will pay nothing.
To schedule your free consultation, just call (866) 778-5500 today or fill out our secure contact form.
Below is a copy of the initial data breach letter issued by The North Highland Company, LLC:
Dear [Consumer],
We are writing to notify you that North Highland experienced a security incident that involves your personal information.
What Happened? On June 6, 2022, North Highland discovered that it had been the victim of a ransomware attack that impacted a number of on-premises servers. We initiated an investigation shortly after discovering it with the assistance of multiple outside security experts. On June 28, 2022, we confirmed that files containing personal information of current and at least some former employees had been exfiltrated by the attackers. While our investigation is ongoing, we currently believe that the attackers gained access to our servers on or around May 26, 2022.
What Information Was Involved?
What Are We Doing? In response to these events, we engaged external cybersecurity experts to help with the investigation and remediation of the incident. We notified law enforcement of the attack; this notification has not been delayed due to a law enforcement investigation. We have also initiated a number of technical remediation efforts, including new password requirements for all employees. Below is a description provided by Experian of Experian’s® IdentityWorksSM: […]
What Can You Do? Please review the “Further Steps and Contact List” information on the reverse side of this letter which identifies additional steps to take to protect your information. If you have additional questions or concerns about this incident, please contact incidenthelp@northhighland.com.
Please know that we take the privacy and security of your personal information very seriously. We deeply regret any inconvenience this incident may cause you, and thank you for your understanding. Please Note: We will NOT send you any electronic communications regarding this incident that would involve a request to disclose any personal information.
