Posted On March 8, 2023 Consumer Privacy & Data Breaches
March 8, 2023 – After learning that consumer data on the business’s computer network had recently been compromised by a data security incident, 1st Franklin Financial Corporation (“1FFC”) notified the Montana Attorney General of the breach on February 14, 2023. According to the filing, the incident resulted in an unauthorized party accessing the names, Social Security numbers, routing numbers, bank account numbers, and information from consumers’ credit reports. 1FFC started mailing data breach notification letters to everyone affected by the recent data security incident as soon as it was confirmed that customer data had been leaked.
The 1st Franklin Financial Corporation data leak is currently being looked into by the data breach lawyers at Console & Associates, P.C. We are providing free consultations where we can go over your legal options for getting compensation from 1FFC if you have received a breach notice and are curious about the dangers of identity theft and what you can do to protect yourself.
The Toccoa, Georgia-based 1st Franklin Financial Corporation is a provider of financial services. It was established in 1941. Through more than 340 branches, the company offers customers a broad variety of financial services, with a primary focus on consumer loans. The most popular 1FFC loans are for debt consolidation, car repairs, home improvements, medical costs, weddings, and funerals. More than 1,442 individuals are employed by 1st Franklin, which brings in about $213 million in yearly revenue.
The company’s report submitted to the Montana Attorney General contains all the information that is currently known about the 1FFC hack. This report claims that 1FFC was the target of a cyberattack on November 17, 2022. In reaction, 1FFC secured its systems and launched an investigation, though the business has not yet given many details about the attack or how it was discovered. The 1FFC investigation verified that some files on the company’s IT network were open to unauthorized access and that some of these files held private customer information.
1FFC started looking through the affected files as soon as it was discovered that private customer information had been made accessible to an unauthorized party. Consumers’ names, Social Security numbers, routing numbers, and bank account numbers may be among the breached information, though the specifics rely on the person. The 1FFC data breach also exposed some data from customer credit reports.
On January 10, 2023, 1FFC sent data breach notification letters to all those who had been affected by the data security leak.
If 1st Franklin Financial Corporation notifies you of a data breach, it indicates that the breached data included your personal information. There is a chance that someone now has access to your identity and Social Security numbers.
To make money or steal identities, hackers frequently sell the data they obtained through a data breach on the dark web. There are steps a consumer can take to lessen the likelihood of their identity being stolen, but there are no true preventative measures they can take to stop their information from being leaked.
If your data has been compromised, there are a few things you should do right away that we’ve listed for you. This list is not exhaustive, so you might want to take additional precautions if your bank accounts or Social Security number have been compromised.
If a data breach occurs and someone’s information is exposed, businesses will notify those impacted. These letters contain pertinent details about the attack, such as how your information was accessed, what steps 1FFC is taking to safeguard your data moving forward, and whether any impacted individuals have ever been the victims of fraud or identity theft. Get all the information from the data breach letter, so you can decide what to do next.
You should modify all online account passwords if a data leak exposes your personal information. Change the passwords on all your accounts, even if you know which ones have been compromised. Hackers can access any account to get crucial data about a customer.
The victims of the data breach will receive a free credit monitoring program from 1FFC. When there is any suspicious behavior on your accounts, credit monitoring notifies you. A simple method to manage your credit accounts is to sign up for 1FFC’s free service. The business is also providing $1 million in identity theft protection to customers who were impacted by the breach.
Once they have your details, hackers will act quickly, so people don’t have time to close their accounts, preventing the use of the stolen data. The data the hackers obtained from 1FFC might not have been all the data they required to commit their intended crimes. If so, it may take them weeks or months to use your information because they will need time to gather all the necessary data. Keep an eye out for unusual behavior in your accounts, and remain vigilant.
Unlike credit monitoring, credit freezes and fraud alerts are services provided free of charge by the major credit bureaus. With a credit freeze, businesses cannot check your credit without your consent. A credit freeze might seem extreme, but according to the Identity Theft Resource Center, it is the best method to stop fraud after your personal information has been compromised. Companies that check your credit are alerted by a fraud warning that someone might be trying to use their data fraudulently.
The consumer privacy lawyers at Console & Associates, P.C. help customers affected by data and security breaches pursue legal solutions by offering free consultations. By explaining your rights in clear, concise terms, we help you make an informed decision about your next steps. If you are a victim of the 1st Franklin Financial Corporation data breach, Console & Associates, P.C. will investigate at no charge to you and offer advice on how to proceed. If you decide to pursue a case, rest assured that we don’t get paid unless you do. If your claim is successful, legal fees are either paid out of the funds recovered or by the defendant. If your claim is not successful, you pay nothing.
Below is a portion of the letter sent to affected individuals:
On behalf of 1st Franklin Financial Corporation (“1 FFC”), I am writing to notify you of a recent incident that may have involved some of your personal information.
What happened and what have we done in response? On or about November 17, 2022, we sustained a security incident, causing disruption of our information technology network. We immediately investigated and aggressively responded to this event. Passwords were changed, and the unauthorized access was blocked. Outside technical experts were also engaged to further investigate and evaluate the nature and scope of the incident.
What information was involved? Preliminary findings from the investigation indicate that during the incident an unauthorized third party may have accessed and/or exfiltrated some data from IFFC’s IT environment. In response, we conducted a review of the data (which involved a combination of automated and eyes-on examination of the impacted files) to identify individuals whose personal information may have been involved. Through this review we determined that some personal information in our files may have been impacted.
On January 10, 2022, IFFC began issuing notices to potentially affected individuals based on the information available at that time. As our investigation continued, we identified additional potentially impacted files that may have contained your first and last names, social security number, bank account number and routing information if you provided that information to IFFC for ACH transfers or via a check, and potentially information contained in a credit report for you. The exact data elements that were impacted by the event varied by individual. We do not have any evidence that anyone has misused your information but are notifying you out of an abundance of caution.
What can you do? We recommend you take precautions, and we are offering you 12 months of free credit monitoring and $1 million in identity theft insurance through Experian. You must activate the Experian product by the activation date for it to be effective. The activation instructions are included with this notification. We also have enclosed some additional steps that you can take to protect yourself, as you deem appropriate.
For more information about this incident, please call (866) 982-6335 Monday through Friday, from 9:00 am -6:00 pm (excluding major U.S. holidays). We take information privacy and security issues very seriously and are continuing to take steps to enhance our security measures to help reduce the risk of something like this happening in the future. We are fully committed to protecting your personal information and sincerely apologize for any concern this incident may have caused.