Posted On January 29, 2023 Consumer Privacy & Data Breaches
January 29, 2023 – After a ransomware attack exposed sensitive student and faculty information in their possession, Stratford University filed notice of a data breach with the Maine Attorney General on January 26, 2023. According to the filing, an unauthorized party gained access to consumers’ full names, Social Security numbers, addresses, phone numbers, dates of birth, email addresses, passport numbers, and student identification numbers. Once there was confirmation of the consumer data leak, Stratford University sent notification letters to all 78,692 individuals affected by the data security breach.
The data breach lawyers at Console & Associates, P.C. are actively investigating the Stratford University data breach. If you have received a breach notification and are interested in learning about the risks of identity theft and what you can do to protect yourself, we are offering free consultations where we can discuss your legal options for receiving compensation from Stratford University. If you recently received a NOTICE OF DATA BREACH from COMPANY, contact us at (866) 778-5500 to discuss your legal options, or submit a confidential contact form for a free case evaluation.
Stratford University is a four-year college with about 137 post-graduates and 1,240 undergraduates. Originally founded in 1976 and based in Alexandria, Virginia, Stratford University with campuses in Maryland, India, and Virginia. Stratford University employed over 641 people and generated approximately $75 million in revenue annually. According to a post on the university’s website, the university’s accreditor, Accrediting Council for Independent Colleges and Schools (“ACICS”), was decertified, and the school lost its accreditation. The post announced that the university would cease operations after the Fall 2022 semester.
According to filings with the Maine Attorney General, Stratford University determined that it had been the target of a ransomware attack on August 27, 2022. In response, the university began working with a third-party cybersecurity firm to investigate the breach, and also retained legal representation.
After learning that the consumer data was exposed to a third party, Stratford University’s next step was to review the files and determine what information was made available. The types of information exposed were consumers’ full names, Social Security numbers, addresses, phone numbers, dates of birth, email addresses, passport numbers, and student identification numbers. While not consistent with each individual, any or all of the information listed may have been leaked due to the attack.
On January 26, 2023, Stratford University sent letters to all individuals affected by the data security breach. The Maine Attorney General’s office estimates about 78,692 individuals were affected.
If you receive a notice of a data breach from Stratford University, it means your confidential information, including your full name and your Social Security numbers, may now be in the hands of an unauthorized party.
There are many things that a hacker can do with those two pieces of sensitive information. Social Security numbers are often used to commit identity theft and fraud. That information can also be sold on the dark web for others looking to commit crimes using your information. Once hackers have basic information about you, it’s easy to obtain more information, and then the crimes that can be committed become numerous. It’s important that you know your rights as a victim and that you understand your options.
The consumer privacy lawyers at Console & Associates, P.C. help customers affected by data and security breaches pursue legal solutions by offering free consultations. By explaining your rights in clear, concise terms, we help you make an informed decision about your next steps. If you are a victim of the Stratford University data breach, Console & Associates, P.C. will investigate at no charge to you and offer advice on how to proceed. If you decide to pursue a case, rest assured that we don’t get paid unless you do. If your claim is successful, legal fees are either paid out of the funds recovered or by the defendant. If your claim is not successful, you pay nothing.
To schedule your free consultation, just call (866) 778-5500 today or fill out our secure contact form.
Below is a portion of the letter sent to affected individuals:
Dear [Redacted],
The privacy and security of the personal information we maintain is of the utmost importance to Stratford University.
We’re writing with important information regarding a data security incident that involved some of your information. We want to provide you with information about the incident, explain the services we are providing to you, and let you know that we continue to take significant measures to protect your information.
What Happened?
On or about August 27, 2022, we detected a cyber incident impacting our systems. We launched an investigation into the incident with the assistance of third-party independent cybersecurity experts. We concluded our initial investigation and determined that on or about August 26, 2022, an unauthorized individual accessed our systems and, as a result, obtained some data, including information from our student database. At that time, we began a comprehensive review of the impacted data to identify all individuals whose information was involved. On December 29, 2022, we concluded our review and determined that the data contained some of your personal information. Therefore, we wanted to notify you of the incident and provide you with information on steps you can take to help protect your information.
What Information Was Involved?
The personal information included in the impacted data contained [Redacted].
What We Are Doing
The security and privacy of the information contained within our systems is a top priority for us. In response to this incident, we took immediate steps to secure our systems and engaged third-party forensic experts to assist in the investigation.
What You Can Do
We are providing you with access to Single Bureau Credit Monitoring/Single Bureau Credit Report/Single Bureau Credit Score services at no charge. These services provide you with alerts for 12 months from the date of enrollment when changes occur to your credit file. This notification is sent to you the same day that the change or update takes place with the bureau. In addition, we are providing you with proactive fraud assistance to help with any questions that you might have or in the event you become a victim of identity theft, as well as a $1,000,000 insurance reimbursement policy. These services will be provided by Cyberscout through Identity Force, a TransUnion company specializing in fraud assistance and remediation services.
To enroll in Credit Monitoring services at no charge, please log on to [Redacted] and follow the instructions provided. When prompted please provide the following unique code to receive services: [Redacted].
In order for you to receive the monitoring services described above, you must enroll within 90 days from the date of this letter. The enrollment requires an internet connection and e-mail account and may not be available to minors under the age of 18 years of age. Please note that when signing up for monitoring services, you may be asked to verify personal information for your own protection to confirm your identity.
Additionally, if you are interested in learning about how you can contact the Federal Trade Commission and obtain information from credit reporting agencies about fraud alerts and security freezes, you may refer to the “Other Important Information” included with this letter.
For More Information
We sincerely regret this incident occurred and for any concern it may cause. We understand that you may have questions about it beyond what is covered in this letter. If you have any additional questions, please contact the external, dedicated call center we set up at [Redacted] between the hours of 8:00 am to 8:00 pm Eastern time, Monday through Friday, excluding holidays.
