National CARES Mentoring Movement (“NCMM”) is providing notice of a recent data privacy event that may have affected personal information relating to certain individual consultants and employees. Although NCMM is unaware of any misuse of this information, they are providing information about the incident, steps taken since discovering the incident, and steps an individual can take to better protect against potential misuse of their information.
What Happened? On February 18, 2021, NCMM became aware of suspicious activity in certain employee email accounts. They immediately launched an investigation, with the assistance of third-party forensic specialists, to determine the nature and scope of the activity. The investigation determined that there was unauthorized access to the affected accounts between January 16, 2021 and February 3, 2021. However, they were unable to determine which, if any, emails and attachments in the email accounts may have been opened or viewed as a result. NCMM conducted a thorough review of the relevant accounts to identify the types of information stored there and to whom it related. On or about August 26, 2021, NCMM’s review determined that the affected accounts contained information related to certain individuals. NCMM has worked since this time to confirm the identities of the impacted individuals and prepare an accurate notification. While NCMM has no reason to believe that any identity theft or unauthorized use of the affected information has occurred, NCMM is providing notice of this incident in an abundance of caution.
Also Read: Four Best Practices CISOs should Adopt for Hybrid Workplace
What Information Was Involved? The information impacted by this event varied by individual but may include certain individuals’ names, Social Security number, driver’s license number, financial account information, medical information, passport number, date of birth, and electronic signature.
How will individuals know if they are affected by this incident? NCMM is mailing notice letters to the individuals whose protected information was affected by this event, and for whom we have a valid mailing address. If you do not receive a letter but would like to know if you are affected, you may call the assistance line listed below.
What is NCMM doing in response? NCMM has taken precautionary measures to protect the information in their possession, and has worked to add further technical safeguards to their environment. Following this incident, NCMM took immediate steps to improve the security of their environment and increase their security posture. NCMM is also implementing additional training and education to employees to prevent similar future incidents. They are also offering the impacted individuals access to complimentary credit monitoring services as an added precaution. Because NCMM has insufficient contact information for some of the individuals whose information may be contained in the impacted email accounts, they are providing notice to those potentially impacted individuals by way of a notification published to media outlets in New York.
What You Can Do. NCMM advises all potentially impacted individuals to remain vigilant by reviewing account statements and monitoring free credit reports for suspicious activity and to detect errors. NCMM encourages individuals to review the information below related to “Steps Individuals Can Take to Help Protect Against Identity Theft and Fraud,” which provides details on how to better protect against possible misuse of information.
For More Information. Individuals who may have questions about the incident may contact NCMM’s dedicated assistance line at (833) 796-8642, Monday through Friday from 6am to 8pm PST and 8am to 5pm PST on Saturday and Sunday (excluding major U.S. holiday).
For more such updates follow us on Google News ITsecuritywire News
