Posted On May 19, 2023 Consumer Privacy & Data Breaches
May 19 – On May 1, 2023, the Heritage Group notified the Office of the Maine Attorney General of a data breach involving the theft or unlawful disclosure of personal information of current and former workers, as well as members of their immediate families. According to the report filed by the firm, the event led to an outsider having access to the full names, Social Security numbers, and addresses of the company’s consumers. Heritage started distributing data breach notification letters to all persons affected by the incident after it was confirmed that consumer data was compromised.
Console & Associates, P.C.’s data breach lawyers are now looking into the hack at The Heritage Group. We provide free consultations to anybody who has received a breach notice from The Heritage Group and wants to learn more about the dangers of identity theft, what they can do to protect themselves, and what legal options are available for financial compensation.
The Heritage Group is a holding company that manages over 30 businesses in the fields of specialized chemicals and petroleum products, environmental services, and construction and materials from its headquarters in Indianapolis, Indiana. US Aggregates, Heritage Construction & Materials, Cirba Solutions, Monument Chemical, Milestone Contractors, and Asphalt Materials, Inc. are all subsidiaries of the Heritage Group. Approximately $950 million in yearly income is produced by the Heritage Group’s more than 5,000 employees.
The Heritage Group, as stated in a filing with the Attorney General of Maine, prevented an unauthorized third party from accessing the company’s IT network in January 2023. As soon as the Heritage Group became aware of the danger, an investigation was initiated to ascertain whether or not any sensitive employee information had been compromised. The investigation revealed that the trespasser had gained access to files containing personal information on present and past workers and their families.
After learning that private employee information had fallen into the wrong hands, The Heritage Group launched a thorough examination of the compromised files to ascertain what data had been exposed and how many workers had been affected. Your full name, Social Security number, and address might have been compromised, albeit the exact details may vary by person.
All persons whose data was compromised as a consequence of the incident were sent letters by The Heritage Group on May 1, 2023.
If The Heritage Group sends you a notification of a data breach, it implies that the breach may have exposed some of your personal information. Identity theft is only one of the many possible consequences of hackers gaining access to your personal data. Finding the hackers responsible for a data breach may be challenging. Whether or not the hackers are identified, it’s possible that they weren’t the only ones responsible for the security lapse. Even if they committed the crime, U.S. data breach regulations mean that victims may be able to sue the company that suffered the leak for compensation.
Companies like The Heritage Group may be victims of cyberattacks, but it is also their responsibility to protect consumers’ personal data. According to state and federal rules, businesses are required to use due diligence while handling consumers’ personal information or risk being held liable for negligence.
Among these safety measures are:
Companies that keep data have a duty to protect consumer data under U.S. data breach regulations. They risk financial liability in the event of a breach that results in unauthorized access to sensitive information. The rules of accountability after a violation aren’t always clear and dry. For this reason, if a breach occurs, you should seek legal counsel.
The consumer privacy lawyers at Console & Associates, P.C. help customers affected by data and security breaches pursue legal solutions by offering free consultations. By explaining your rights in clear, concise terms, we help you make an informed decision about your next steps. If you are a victim of the The Heritage Group data breach, Console & Associates, P.C. will investigate at no charge to you and offer advice on how to proceed. If you decide to pursue a case, rest assured that we don’t get paid unless you do. If your claim is successful, legal fees are either paid out of the funds recovered or by the defendant. If your claim is not successful, you pay nothing.
Below is a portion of the letter sent to affected individuals:
The Heritage Group is writing to inform you of a recent data security incident that may have resulted in unauthorized access to your personal information. You are receiving this letter because you were a prospective, current, or former employee, or a dependent of a current or former employee. The Heritage Group is a collection of companies including Asphalt Materials, Heritage Environmental Services, Heritage Interactive Services, Rineco, Rineco Transportation, Heritage Transportation, Heritage Thermal Services, US Aggregates, and Western States Asphalt. The Heritage Group takes your privacy and security seriously. As such, this letter contains details about the incident and resources to help protect your personal information going forward.
What Happened: In January 2023, The Heritage Group detected and stopped a network security incident that involved an unauthorized party gaining access to our network environment. Upon detecting the incident, The Heritage Group promptly engaged third-party forensic specialists to assist us with securing the network environment and investigating the extent of unauthorized activity. While we have found no evidence that your information has been specifically misused, it is possible that the following personal information could have been acquired by an unauthorized third party: first name, last name, address, Social Security number. We maintain this information for administrative, payroll, and human resources purposes.
What We Are Doing: Data security is among The Heritage Group’s highest priorities, and we are committed to doing everything we can to protect the privacy and security of the personal information in our care. We have made immediate enhancements to our systems, security and practices. Additionally, we have engaged appropriate experts to assist us in conducting a full review of our security practices and systems to ensure that enhanced security protocols are in place going forward. We are committed to helping those people who may have been impacted by this unfortunate situation. Additionally, in response to the incident, we are providing you with access to Single Bureau Credit Monitoring/Single Bureau Credit Report/Single Bureau Credit Score services at no charge. These services provide you with alerts for twenty-four months from the date of enrollment when changes occur to your credit file. This notification is sent to you the same day that the change or update takes place with the bureau. Finally, we are providing you with proactive fraud assistance to help with any questions that you might have or in event that you become a victim of fraud. These services will be provided by Cyberscout through Identity Force, a TransUnion company specializing in fraud assistance and remediation services.