Posted On November 10, 2022 Personal Injury
On November 3, 2022, United Veterinary Care filed notice of a data breach with the Office of the Massachusetts Attorney General after the company discovered that an unauthorized party was able to access sensitive information belonging to certain individuals. Based on the company’s official filing, the incident resulted in an unauthorized party gaining access to consumers’ names, Social Security numbers and financial account information. After confirming that consumer data was leaked, United Veterinary Care began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.
If you received a data breach notification, it is essential you understand what is at risk. The data breach lawyers at Console & Associates, P.C. are actively investigating the United Veterinary Care data breach on behalf of people whose information was exposed. As a part of this investigation, we are providing free consultations to anyone affected by the breach who is interested in learning more about the risks of identity theft, what they can do to protect themselves, and what their legal options may be to obtain compensation from United Veterinary Care.
The available information regarding the United Veterinary Care breach comes from the company’s filing with the Attorney General of Massachusetts. According to this source, United Veterinary Care recently learned that an unauthorized party gained access to its computer system and was able to access certain files between the dates of January 25, 2022 and March 11, 2022.
In response, United Veterinary Care secured its network and began working with third-party cybersecurity specialists to investigate the incident and determine what, if any, consumer data was compromised as a result. The company’s investigation confirmed that some of the files that were accessible to the unauthorized party contained sensitive information relating to certain individuals.
Upon discovering that sensitive consumer data was made available to an unauthorized party, United Veterinary Care began to review the affected files to determine what information was compromised and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, Social Security number and financial account numbers.
On November 3, 2022, United Veterinary Care sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
United Veterinary Care is a veterinary chain based in Palm Beach Gardens, Florida. The company operates more than 116 animal hospitals across 23 states, including in Florida, California, the Midwest, and the Northeast. With a staff of more than 600 veterinarians, United Veterinary Care is one of the largest veterinary chains in the country. United Veterinary Care employs between 500 and 1,000 people and generates approximately $500 million in annual revenue.
When hackers think about which companies to target with their cyberattacks, they consider a number of factors, one of which is the type of data in the company’s possession. Not all data is equal in the eyes of a hacker. For example, some data types can command a higher premium on the dark web due to the ease with which criminals can use the information to commit identity theft and other frauds.
While hackers can target any type of sensitive information, the most frequently targeted data is Social Security numbers. But why? How can hackers and other criminals use stolen SSNs to make a profit?
Most people assume that identity theft or a few unauthorized transactions are the extent of the damage a hacker can cause. Indeed, these are common harms that stem from a data breach, and it can be very inconvenient and require hundreds of hours of work to resolve these issues. However, hackers have other ways of perpetrating fraud that may be even worse.
Below are a few of the ways that hackers can use stolen Social Security numbers to perpetrate fraud.
If a hacker steals someone’s Social Security number, they may be able to intercept the victim’s tax refund by filing a federal tax return in the victim’s name. Unfortunately, a victim of tax refund fraud may not know they’ve been targeted until the IRS rejects their tax return. This is because, in the IRS’s system, the victim’s return has already been filed. Of course, it is unlikely that the victim would know this beforehand. Therefore, to reduce the chances of a hacker successfully committing tax refund fraud, you should file your tax return as soon as possible.
The most common harm associated with a data breach involves hackers using a victim’s information to open up a new line of credit, usually in the form of a credit card or consumer loan because these products are the easiest to obtain and can usually be opened online. To do this, a hacker only needs the victim’s date of birth and address in addition to their Social Security number. Of course, once a criminal has your name and Social Security number, obtaining the other information won’t pose much of a hurdle. They can typically find this information online or through a database of previously leaked information.
One of the lesser-known consequences of a data breach involves a hacker opening up a new utility or cell phone account in a victim’s name. While few people know about this type of fraud, according to the Federal Trade Commission,13 percent of all fraud cases in 2016 involved criminals opening up fraudulent phone and utility accounts. To open up a utility account, all a hacker needs is a victim’s name, address and Social Security number. Often, these accounts can be set up entirely online, making it even easier for hackers to orchestrate this type of fraud.
Those who learned that their Social Security number was leaked should be sure to take all possible precautions to avoid becoming the victim of one of the above frauds.
At Console & Associates, P.C., our consumer privacy lawyers monitor all security and data breaches to help affected consumers pursue their legal remedies. We offer free consultations to victims of data breaches and can explain your rights in clear, understandable terms so you can make an informed decision about how to proceed with your case. If you’ve been affected by the United Veterinary Care data breach or any other data security incident, Console & Associates, P.C., will investigate your case at no charge and offer you thorough advice about how to most effectively proceed with your case. If you decide to bring a case, we only get paid if you do. If your claim is successful, any legal fees are either paid by the defendant or come out of the funds recovered from the defendant. If your claim doesn’t result in a recovery, you will pay nothing.
Below is a copy of the initial data breach letter issued by United Veterinary Care (the actual notice sent to consumers can be found here):
We are writing with important information regarding a recent security incident. The privacy and security of the personal information we maintain is of the utmost importance to United Veterinary Care. We wanted to provide you with information about the incident, explain the services we are making available to you, and let you know that we continue to take significant measures to protect your information.
We recently learned that an unauthorized individual may have obtained access to a limited amount of personal information between January 25, 2022 and March 11, 2022. We immediately launched an investigation in consultation with outside data privacy professionals who regularly investigate and analyze these types of situations to analyze the extent of any compromise of the information. We devoted considerable time and effort to determine what information may have been impacted. Based on our comprehensive investigation and document review, which concluded on October 23, 2022, we discovered that the impacted information included your full name and the following: [Redacted]
To date, we are not aware of any reports of identity fraud or improper use of your information as a direct result of this incident. Out of an abundance of caution, we wanted to make you aware of the incident, explain the services we are making available to help safeguard you against identity fraud, and suggest steps that you should take as well. To protect you from potential misuse of your information, we are offering a complimentary two-year membership in Equifax® Credit WatchTM Gold. Equifax® Credit WatchTM Gold is completely free to you and enrolling in this program will not hurt your credit score. For more information on identity theft prevention and Equifax® Credit WatchTM Gold, including instructions on how to activate your complimentary two-year membership, please see the additional information provided in this letter.
This letter also provides other precautionary measures you can take to protect your personal information, including placing a Fraud Alert and/or Security Freeze on your credit files, and/or obtaining a free credit report. Additionally, you should always remain vigilant in reviewing your financial account statements and credit reports for fraudulent or irregular activity on a regular basis.
Please accept our apologies that this incident occurred. We are committed to maintaining the privacy of personal information in our possession and have taken many precautions to safeguard it. We continually evaluate and modify our practices and internal controls to enhance the security and privacy of your personal information.
If you have any further questions regarding this incident, please call our dedicated and confidential toll-free response line that we have set up to respond to questions at [redacted] This response line is staffed with professionals familiar with this incident and knowledgeable on what you can do to protect against misuse of your information. The response line is available Monday through Friday, between 9:00 AM and 9:00 PM Eastern time.