On March 25, 2022, the company Horizon Actuarial Services publicly spoke about a privacy incident involving the theft of their clients’ personal information and subsequent extortion that could affect the private information of participants in various benefit plans they offer. The company stated that computer servers were hacked into without any authorization on 10th and 11th November, 2021.
Thereafter Horizon received an email from a group which claimed having stolen copies of personal data from its computer servers. They launched an investigation, notified the FBI, and negotiated with and paid the group to agree that they delete and not distribute or misuse stolen data. The FBI is against companies compensating hackers that hold data for ransom, as there is no guarantee that such agencies will keep its promises. Individuals yet to receive a Data Breach Notice, can view the statement on Horizon Actuarial’s official website where it states the benefit plans whose participants and family members are included.
Special Privacy Laws in California to Protect You
Every California resident receiving a Data Breach Notice issued by California’s Horizon Actuarial, has laws protecting personal information. The California Customer Records Act (CCRA) requires businesses to maintain reasonable security procedures and practices to protect consumer personal information. The California Consumer Privacy Act (CCPA), a state privacy law, contains protection for personal information of California residents. As a California resident, you are entitled to damages between $100 and $750 or actual damages, whichever is greater.
On Receipt of Data Breach Notices
Suggested steps to protect personal data, was done by offering their consumers a 1-year of identity monitoring service complimentary by Kroll. The Data Breach Notice dictates that consumers must enrol by the declared due-date to utilise this offer. Does this prevent personal data from being sold on the dark web? Dark web monitoring informs you if your information is available for sale to slimey cyber-thieves but cannot prevent transfer of information. Kroll identity monitoring services includes dark web monitoring but as a victim of data breach, you must be alert and watchful for identify theft, tax fraud, unapproved credit card charges, and illegal use of personal data. Identity theft is increasing. In 2018, 23 million people in the USA reported being victims of identity theft. By 2021, over 50 million personal records were compromised nationwide with the T-Mobile data breach affecting 6 million consumers. Experian and Equifax offering credit monitoring services experienced major data breaches affecting 150 million!
These offer an attractive target for hackers as data is traded anonymously, and the going rate for one individual personal record is very low (less than $20 per record, depending on the data according to Dark Web experts). Certain critical personal information like names, social security numbers, and birth-dates are impossible to change. Thieves can wait many years to actually start using compromised personal data. The more time cyber thieves go under the radar, the more they profit from such illegal activities. Law enforcement agencies fail to break sophisticated encryption hiding such unlawful activities. The Internet Crime Compliance Center at FBI received around 800,000 complaints just in 2020. Identity theft victims are left to repair misused social security numbers, credit scores, and health insurance. Not every data breach leads to identity theft. If you know your data is compromised, be prepared for your data to be used to cause significant financial losses. Compromised data increases the risk of phishing, hacking, and enhanced anxiety over future losses due to identity theft.