Posted On March 25, 2023 Consumer Privacy & Data Breaches
March 25, 2023 – Following a cybersecurity event in which unauthorized individuals stole files containing sensitive consumer information, SundaySky Inc. filed a data breach notice with the U.S. Department of Health and Human Services Office for Civil Rights (HHS-OCR) on March 7, 2023. According to the business’s official report, the breach led to unauthorized access to customers’ first names, Healthcare Savings Account details, and email addresses. SundaySky started distributing data breach notification letters to all 37,095 individuals who was affected by the recent data security incident as soon as it was confirmed that customer data had been exposed.
It is critical that you comprehend what is at risk if you receive a notification of a data breach. On behalf of those whose information was compromised, the data breach lawyers at Console & Associates, P.C. are actively looking into the SundaySky data breach. We are offering free consultations to anyone impacted by the breach who is interested in finding out more about the dangers of identity theft, what they can do to protect themselves, and what legal alternatives they may have to seek compensation from SundaySky as part of this inquiry.
Software provider SundaySky, Inc. offers a Video Experience Platform that aids companies in boosting sales, cutting expenses, reducing attrition, and improving customer happiness. The corporation has offices in New York City, Tokyo, and Tel Aviv, even though its headquarters are in New York, New York. Since its founding in 2007, SundaySky has grown to employ more than 160 people and bring in over $33 million annually.
On January 8, 2023, SundaySky discovered that an unauthorized entity had gained access to the company’s U.S. cloud-based servers, per its filing with the HHS-OCR and a notice published on its website. In response, SundaySky shut down its systems, alerted the authorities, and subsequently started an inquiry into the occurrence.
The SundaySky investigation verified that the unauthorized party accessed some files containing sensitive customer data. The business discovered that some of these files had been copied by unapproved parties. SundaySky started looking into the affected files as soon as it became aware that private customer information had been made available to an unauthorized party in order to ascertain what information had been hacked and whose customers were impacted. Your first name, information about your Healthcare Savings Account, and your email address could all have been compromised, however, the specifics may vary by individual.
On March 7, 2023, SundaySky sent notification letters to all individuals whose information was leaked in the recent security breach.
The consumer privacy lawyers at Console & Associates, P.C. help customers affected by data and security breaches pursue legal solutions by offering free consultations. By explaining your rights in clear, concise terms, we help you make an informed decision about your next steps. If you are a victim of the SundaySky Inc. data breach, Console & Associates, P.C. will investigate at no charge to you and offer advice on how to proceed. If you decide to pursue a case, rest assured that we don’t get paid unless you do. If your claim is successful, legal fees are either paid out of the funds recovered or by the defendant. If your claim is not successful, you pay nothing.
Below is a portion of the notice posted on their website:
SundaySky Inc. (“SundaySky”) is a business-to-business merchant offering software solutions to develop personalized video for business marketing purposes. In connection with the services it provides, SundaySky received certain information from its customers, including certain health plan information between December 2018 and January 2019. SundaySky is providing information about the event, its response, and resources available to individuals to help protect their information from possible misuse should they feel it is appropriate to do so.
On January 8, 2023, SundaySky identified unauthorized access to a limited set of servers in its U.S. cloud-based environment. SundaySky promptly responded, including taking steps to protect its customers’ information, notifying federal law enforcement, and launched a comprehensive investigation to determine the full nature and scope of the event. The investigation determined that an unauthorized individual copied certain files from its environment between January 6 and January 8, 2023. Therefore, SundaySky began a comprehensive review of the files in collaboration with the health plan provider to determine the information potentially impacted by this incident and to whom the information related for purposes of notification. The collaborative review efforts were completed on February 20, 2023, and thereafter SundaySky worked to obtain necessary information and approval in order to begin notifying potentially affected individuals that their information was identified in one of the files copied during this event.
WHAT INFORMATION WAS INVOLVED?
The investigation identified the following information related to potentially affected individuals in connection with this event: first name, personal email address, and Healthcare Savings Account (HSA) effective date and deductible. Information related to a copay, if applicable, may also have been impacted. Social Security numbers and financial information were not involved.
WHAT SUNDAYSKY IS DOING
SundaySky treats its responsibility to safeguard the information in its possession as an utmost priority. As such, SundaySky responded quickly to this event and has been working diligently to provide accurate and complete notice of the incident. SundaySky’s response to this event also included prompt reporting to federal law enforcement. Further, as part of its ongoing commitment to the privacy and security of personal information in its care, SundaySky is instituting additional technical safeguards and policies and procedures to reduce the likelihood of a similar event in the future. SundaySky is also notifying requisite regulatory authorities.
WHAT YOU CAN DO
If you believe or have been advised that this event may have affected you, SundaySky encourages you to remain vigilant against incidents of identity theft and fraud by reviewing your account and monitoring your free credit reports for suspicious activity and to detect errors. Further, please review the enclosed “Steps You Can Take to Help Protect Personal Information” section of this notice for additional information.
FOR MORE INFORMATION
If you have additional questions or concerns, SundaySky has established a dedicated call center at 800-459-5960, which is available Monday through Friday from 9:00 a.m. and 11:00 p.m., and Saturday and Sunday from 11:00 a.m. to 8 p.m., Eastern Time (excluding major U.S. holidays) for any questions individuals may have regarding this event.