Posted On April 25, 2023 Consumer Privacy & Data Breaches
April 25 – United Steelworkers Local 286 informed the U.S. Department of Health and Human Services Office for Civil Rights (HHS-OCR) of a data breach on April 14, 2023, after discovering that a third party had gained access to member information through a hacked email account. According to the company’s official report, the event led to the exposure of consumers’ names, birth dates, driver’s license numbers, Social Security numbers, passport numbers, bank account information, protected health information, and state ID numbers. When it became clear that sensitive information had been compromised, USW Local 286 immediately started notifying those who were affected.
Console & Associates, P.C. urges anybody who has received a letter from USW Local 286 informing them of a data breach to speak with our data breach lawyers as soon as possible. We’re here to help you figure out what to do next, get advice on how to safeguard yourself, and evaluate whether or not you have grounds to sue USW Local 286 over a data breach.
Steelworkers, industrial workers, and others numbering in the neighborhood of 1.2 million are all represented by United Steelworkers Local 286, a labor organization. USW has a main office in Philadelphia, Pennsylvania, and it has members all throughout the United States, Canada, and the Caribbean. USW Local 286 was founded in 1936 and has since grown to employ more than EMP individuals.
In a filing with the HHS-OCR and a notification on the organization’s website, USW Local 286 reveals that it became aware of a breach in security after an unauthorized third party gained access to an employee’s email account. Accordingly, USW Local 286 locked down the compromised account and launched an investigation with the help of industry-leading cybersecurity professionals.
The USW Local 286 investigation, completed on February 13, 2023, determined that between June 16th and July 18th, 2022, an unauthorized individual gained access to an employee’s email. It was also discovered that some of the stored emails and files included sensitive information about members.
USW Local 286 started reviewing the affected files after learning that sensitive customer data had been made accessible to an unauthorized person. Their goal was to ascertain what information had been stolen and how many customers had been affected. Your name, date of birth, driver’s license number, Social Security number, passport number, driver’s license number, bank account information, protected health information, and state ID number might be among the information compromised.
On April 14, 2023, USW Local 286 notified all affected persons of a data breach by letter.
Once a hacker has access to sensitive data, they waste little time utilizing it or selling it on the dark web. Because hackers generally have a head start, it’s important for victims of data breaches to act quickly to limit the harm they may inflict.
The following is a set of immediate safety measures that you may take. This is not a comprehensive list, and you may want to take further action if the data breach compromises your financial information.
A breached company has a responsibility to notify all affected individuals and the relevant state authorities. Please review the materials given by USW Local 286 with great care. Information concerning the breach, such as how the hackers got access to the system, future plans for patient protection, and whether or not any victims have reported fraud or identity theft, is often included in data breach letters.
The main credit reporting companies provide free freezes and fraud warnings. With a credit freeze in place, no one may access your credit report without your permission. A fraud alert serves as a warning signal to other businesses. Any business that pulls your credit report will be alerted to the possibility that you have been the victim of identity theft or fraud.
Keeping a close eye on your finances is usually a smart idea. Keep an eye on your bank and credit card statements for any unusual behavior, and report it immediately if you find it.
The security of your online accounts should be a top priority, even if your financial data was not stolen. It’s time to update all of your passwords. When attempting fraud or identity theft, hackers often hunt for other accounts to get the necessary information. If two-factor authentication can be set up, do so.
The consumer privacy lawyers at Console & Associates, P.C. help customers affected by data and security breaches pursue legal solutions by offering free consultations. By explaining your rights in clear, concise terms, we help you make an informed decision about your next steps. If you are a victim of the United Steelworkers Local 286 data breach, Console & Associates, P.C. will investigate at no charge to you and offer advice on how to proceed. If you decide to pursue a case, rest assured that we don’t get paid unless you do. If your claim is successful, legal fees are either paid out of the funds recovered or by the defendant. If your claim is not successful, you pay nothing.
Below is a portion of the notice posted on their website:
Philadelphia, PA – April 14, 2023 – The privacy and security of the personal information we maintain is of the utmost importance to United Steelworkers Local 286 (“USW Local 286”). USW Local 286 determined that an unauthorized party obtained access to a USW Local 286 employee email account. Upon learning of the issue, we secured the account and commenced a prompt and thorough investigation. As part of our investigation, USW Local 286 engaged leading cybersecurity experts to identify what personal information, if any, might have been present in the impacted email account.
After an extensive forensic investigation and manual document review, we discovered on February 13, 2023 that the email account, which was accessed between June 16, 2022 and July 18, 2022, contained personal information pertaining to a limited number of individuals, such as full names, Social Security numbers, dates of birth, financial account numbers, driver’s license and/or state identification numbers, passport numbers, financial account numbers, medical treatment information, medical record numbers, biometric information, and health insurance information.
USW Local 286 is not aware of any reports of identity fraud or improper use of personal information as a direct result of this incident. However, out of abundance of caution, commencing on April 14, 2023 USW Local 286 notified individuals whose information may have been included in the files accessed by the unauthorized party. Notified individuals have been provided with best practices to protect their information, and individuals whose Social Security numbers were contained in the impacted files have been offered complimentary credit monitoring.
USW Local 286 is committed to maintaining the privacy of personal information in its possession and has taken many precautions to safeguard it. USW Local 286 continually evaluates and modifies its practices to enhance the security and privacy of the personal information it maintains.
For individuals who have questions or need additional information regarding this incident, or to determine if they are impacted and are eligible for credit monitoring, USW Local 286 has established a dedicated toll-free response line at 877-870-9636. The response line is available Monday through Friday, 9 a.m. to 9 p.m. Eastern Time.