Posted On June 15, 2022 Consumer Privacy & Data Breaches
June 15, 2022 – Wilkins Recreational Vehicles, Inc. reported a data breach after the company was targeted in a recent cybersecurity attack. As a result of the breach, the driver’s license number and, if you obtained financing through Wilkins RV or exchanged credit card information through e-mail, your social security number and financial account numbers of certain individuals was compromised. The Wilkins Recreational Vehicles data breach is believed to have impacted as many as 17,408 individuals. On June 8, 2022, Wilkins Recreational Vehicles sent out data breach letters to those individuals whose information was affected by the breach.
The data breach lawyers at Console & Associates, P.C. are going to begin interviewing victims of the breach to determine what damages they sustained and what legal claims may be available to them. If you recently received a NOTICE OF DATA BREACH from Wilkins Recreational Vehicles, Inc., contact us at (866) 778-5500 to discuss your legal options, or submit a confidential contact form for a free case evaluation.
Below is a portion of the letter that Wilkins Recreational Vehicles, Inc. sent to individuals affected by the data breach:
Dear [Redacted],
We are writing to tell you about a data security incident at Wilkins RV that may have exposed some of your personal information. We take the protection and proper use of your information very seriously. For this reason, we are contacting you directly to explain the circumstances of the incident.
What happened?
We recently completed an investigation involving a cyber-attack against Wilkins in which unauthorized criminal actors gained access to some of Wilkins’ electronic systems. Upon learning of the attack, Wilkins immediately took steps to secure its systems and began an investigation with the assistance of cybersecurity experts. The investigation determined that Wilkins was the victim of a ransomware attack, in particular a type of ransomware known as Conti. The ransomware attack itself occurred on February 8, 2022. The forensic investigation has determined that criminals first accessed Wilkins’ systems on February 2, 2022, most likely through a “phishing” attack in which a Wilkins employee opened a file infected with malware. Wilkins was able to secure its systems shortly after the attack on the 8th, and did not respond to or pay the ransom demanded by the criminals. The forensic investigation, however, was unable to determine if any data was actually taken or what specific data may have been accessible to the criminal actors during the attack.
What information was involved?
Out of an abundance of caution and to proactively address any potential issues, we have identified all individuals for whom Wilkins may have maintained any sort of private information. On May 12, 2022, we determined that Wilkins did have certain of your personal data on its systems that could have been accessible to the criminal actors, in particular your driver’s license number and, if you obtained financing through Wilkins RV or exchanged credit card information through e-mail, your social security number and financial account numbers.
What we are doing.
Although Wilkins has always taken great care to ensure the protection of its data, we have used this attack as an opportunity to review our information security practices and protections. We have conducted further training of employees to identify potentially malicious emails. We also retained information security experts to review our technological protections and actively monitor our systems for unusual activity.
To help relieve concerns and restore confidence following this incident, we have secured the services of Kroll to provide identity monitoring at no cost to you for one year. Kroll is a global leader in risk mitigation and response, and their team has extensive experience helping people who have sustained an unintentional exposure of confidential data. Your identity monitoring services include Credit Monitoring, Fraud Consultation, and Identity Theft Restoration.
Visit [Redacted] to activate and take advantage of your identity monitoring services.
You have until [Redacted] to activate your identity monitoring services.
Membership Number: [Redacted]
For more information about Kroll and your Identity Monitoring services, you can visit [Redacted]. Additional information describing your services is included with this letter.
What you can do.
Please review the enclosed “Additional Resources” section included with this letter. This section describes additional steps you can take to help protect yourself, including recommendations by the Federal Trade Commission regarding identity theft protection and details on how to place a fraud alert or a security freeze on your credit file.
For more information.
If you have questions, please call [Redacted], Monday through Friday from 8:00 a.m. to 5:30 p.m. Central Time. Please have your membership number ready. Protecting your information is important to us. We trust that the services we are offering to you demonstrate our continued commitment to your security and satisfaction.