SN Servicing Corporation Notifies Clients of Data Security Breach

SN Servicing Corporation Notifies Clients of Data Security Breach-01

SN Servicing Corporation (“SN”) has become aware of an incident that may have exposed some of our borrower’s data, including name, contact information, date of birth, social security number, and loan/borrower information. SN takes clients’ privacy very seriously and has taken steps to notify any clients who may have been affected by this incident. SN sincerely regrets any inconvenience that this incident may cause and remains dedicated to protecting clients’ personal information.

What Happened? On or about October 15, 2020, SN discovered unauthorized access to its network.  Upon discovery, SN immediately terminated the access and retained a specialized cybersecurity forensic team to conduct an investigation to determine the nature and scope of the Incident.  The forensics team first identified the name and locations of files that were exfiltrated from the firewall records.  This investigation concluded on or about November 24, 2020.  Based on the results of the investigation, it was determined that an unauthorized party may have been able to access sensitive personal information for some of our borrowers.

SN was able to quickly identify a subset of documents which were believed to contain sensitive information for some borrowers.  In the interest of notifying the borrowers as quickly as possible, a preliminary notice was provided for that collection of documents.  A data mining vendor was then hired to review the remaining documents to identify any additional individuals that may have been affected and what data may have been exposed.  The data mining team provided its initial results on or about April 27, 2021.  SN then engaged in a substantial data validation process to verify the accuracy of the data and reconcile to internal records.  This validation exercise concluded on or about June 9, 2021.  SN then procured credit monitoring for affected individuals and drafted notices to individuals, consumer credit reporting agencies, and state regulators as appropriate.

What information was involved? While we have no reason to believe that your information has been misused as a result of this incident, we are notifying you out of an abundance of caution and for purposes of full transparency.  Based on the investigation, the unauthorized party may have had access to one or more of the following data elements: name, contact information, date of birth, social security number, and loan/borrower information.  Please note that not every data element was present for every individual.  While we appreciate that the incident may be concerning, please note that SN is not aware of any instances of misuse of sensitive data.

Also Read: DDoS Attacks Up-Surged Like Never Before Amid the Pandemic

What Is SN Doing? SN engaged a specialized cybersecurity firm to conduct an investigation of the incident. Since the incident, SN has continued to strengthen their security posture.  Additionally, we have also obtained complimentary credit monitoring for all affected individuals.  We encourage you to take advantage of the complimentary credit monitoring services.

What You Can Do. SN encourages individuals to remain vigilant against incidents of identity theft and fraud, to review account statements, and explanation of benefits forms, and to monitor free credit reports for suspicious activity and to detect errors. Additional steps individuals can take are provided in the below “Steps You Can Take to Protect Personal Information.”

For More Information.  SN sincerely regrets any inconvenience that this incident may cause to its clients and remains dedicated to protecting their information. If you have worked with SN and have any questions or concerns about this incident, please contact (855)-867-0891 between 8:00 a.m. and 5:00 p.m. Central Time.

For more such updates follow us on Google News ITsecuritywire News