NJ law firm provides notice of breach
PARAMUS, N.J., March 22, 2021 /PRNewswire/ — DeCotiis, FitzPatrick, Cole & Giblin, LLP (“DFCG”) is providing notice of a recent incident that may affect the security of information for current or former clients and other individuals who were either directly or indirectly involved as a party involved in a DFCG legal matter. The confidentiality, privacy, and security of information in DFCG’s care is one of its highest priorities and DFCG take this incident very seriously. To date, DFCG has not received any reports of actual or attempted misuse of information related to this incident.
What Happened? On or about May 4, 2020, DFCG learned of suspicious activity related to a DFCG employee email account. Upon learning of this activity, DFCG immediately took steps to secure the account and began an investigation, which included working with third-party IT experts and forensic investigators, to determine the nature and scope of the activity. Through this investigation, DFCG determined that an unknown actor gained unauthorized access to certain DFCG employee email accounts for a limited timeframe on separate occasions between April 28, 2020 and May 8, 2020. During this limited timeframe, the unauthorized actor may have had access to certain emails and attachments within the accounts.
What Information Was Involved? While the investigation was able to determine certain email accounts were accessed, it was unable to determine whether any specific email or attachment was actually accessed by the unauthorized actor. Therefore, in an abundance of caution, on or about September 16, 2020, DFCG, with the assistance of third-party forensic investigators completed an extensive, programmatic and manual review of the contents of the impacted email accounts to determine the types of protected or confidential information contained in the email accounts and to which individuals the information relates. Upon completion of this review, DFCG immediately launched a review of its files to ascertain address information for the impacted individuals. DFCG review confirmed that certain individual’s information, including name, date of birth, Social Security number, and/or driver’s license/state identification number, were present in one of the email accounts at the time of this incident.
What We Are Doing. Upon discovering this incident, DFCG immediately reset the relevant account passwords and took steps to determine what personal, sensitive, and confidential data was at risk. DFCG also confirmed the security of employee email accounts and related systems. As part of our ongoing commitment to the security of personal information in DFCG’s care, DFCG is working to review existing policies and procedures, to implement additional safeguards, and to provide additional training to DFCG employees on data privacy and security. DFCG will also be providing affected individuals with credit monitoring and will be notifying state regulators, as required.
For More Information. You may have questions about this incident that are not addressed in this notice. If you have additional questions and you believe you may be impacted by this incident, please call DFCG at our dedicated assistance line at 800-409-9485 between the hours of 9am and 9pm EST. You may also write to DFCG at 61 S. Paramus Road, Suite 250, Paramus, New Jersey 07652 or visit DFCG’s website at https://www.decotiislaw.com/.
What You Can Do. DFCG sincerely regrets any inconvenience this incident may cause. DFCG encourages any impacted individuals to encourages any impacted individuals to remain vigilant against incidents of identity theft and fraud, to review their account statements, and to monitor their credit reports for suspicious activity. Under U.S. law, individuals are entitled to one free credit report annually from each of the three major credit reporting bureaus. To order your free credit report, visit www.annualcreditreport.com or call, toll-free, 1-877-322-8228. You may also contact the three major credit bureaus directly to request a free copy of your credit report.
Individuals have the right to place a “security freeze” on their credit report, which will prohibit a consumer reporting agency from releasing information in their credit report without their express authorization. The security freeze is designed to prevent credit, loans, and services from being approved in their name without their consent. However, individuals should be aware that using a security freeze to take control over who gets access to the personal and financial information in their credit report may delay, interfere with, or prohibit the timely approval of any subsequent request or application they make regarding a new loan, credit, mortgage, or any other account involving the extension of credit. Pursuant to federal law, individuals cannot be charged to place or lift a security freeze on their credit report. Should and individual wish to place a security freeze, please contact the major consumer reporting agencies listed below: