Today, OE Enterprises, Inc. (“OE”), a private non-profit company providing services and training such as day support, job placement, job training, and job retention assistance to persons with disabilities and other employment barriers, began providing notice of a data security event that potentially affects the data privacy of certain individuals who receive services from OE.
On March 21, 2022, OE was alerted to suspicious activity within an OE employee’s email account. Upon discovery, OE re-set all employees’ email account passwords, and launched an investigation into the nature and scope of the event. With the assistance of third-party cybersecurity specialists, OE learned that an unauthorized actor accessed certain OE email accounts and may have viewed or acquired data from the accounts between January 20, 2022 and March 21, 2022. While OE does not have any evidence of misuse of any consumer information in connection with this incident, out of an abundance of caution, OE is providing notice of the event so potentially affected individuals may take steps to better protect their personal information, should they feel it is appropriate to do so.
Information security remains one of the highest priorities for OE. OE is evaluating its existing policies, procedures, and processes, including those related to email account security, to determine whether additional measures are appropriate in an effort to reduce the likelihood of a similar future event. OE continues to work with cybersecurity specialists to further enhance the security of the information stored on OE’s systems.
The information potentially at risk varies by individual. OE continues efforts to understand the full impact of the event. While those efforts remain underway, the information potentially at risk may include the following types of information related to certain consumers: name, address, date of birth, Social Security number, driver’s license number, financial account information, health insurance information, and medical treatment/diagnosis information.
OE is notifying potentially affected individuals via a posting on its website, which is available at the following link: http://oeenterprises.org/notice-of-data-security-event/. OE will also provide direct notice to potentially affected individuals as soon as feasible when its review is completed. Should individuals have questions regarding this incident, they may call a dedicated assistance line at 844-954-2984, which is available Monday through Friday, 9 a.m. to 9 p.m. Eastern Time. Individuals may also write to OE at 348 Elizabeth Brady Road, Hillsborough, NC 27278.
We encourage individuals to remain vigilant against incidents of identity theft and fraud by reviewing account statements, explanation of benefits forms, and free credit reports for suspicious activity and to detect errors.
Under U.S. law, a consumer is entitled to one free credit report annually from each of the three major credit reporting bureaus, Equifax, Experian, and TransUnion. To order your free credit report, visit www.annualcreditreport.com or call, toll-free, 1-877-322-8228. You may also directly contact the three major credit reporting bureaus listed below to request a free copy of your credit report.
Consumers have the right to place an initial or extended “fraud alert” on a credit file at no cost. An initial fraud alert is a one-year alert that is placed on a consumer’s credit file. Upon seeing a fraud alert display on a consumer’s credit file, a business is required to take steps to verify the consumer’s identity before extending new credit. If you are a victim of identity theft, you are entitled to an extended fraud alert, which is a fraud alert lasting seven years. Should you wish to place a fraud alert, please contact any one of the three major credit reporting bureaus listed below.
As an alternative to a fraud alert, consumers have the right to place a “credit freeze” on a credit report, which will prohibit a credit bureau from releasing information in the credit report without the consumer’s express authorization. The credit freeze is designed to prevent credit, loans, and services from being approved in your name without your consent. However, you should be aware that using a credit freeze to take control over who gets access to the personal and financial information in your credit report may delay, interfere with, or prohibit the timely approval of any subsequent request or application you make regarding a new loan, credit, mortgage, or any other account involving the extension of credit. Pursuant to federal law, you cannot be charged to place or lift a credit freeze on your credit report. To request a credit freeze, you will need to provide the following information: