Community Bridges Notifies Individuals of Data Security Incident

Community Bridges Notifies Individuals of Data Security Incident

 

August 26, 2022 – Community Bridges, a New Hampshire based non-profit agency with a mission to advance the integration, growth, and independence of individuals with development disabilities, has learned of a data security incident that may have involved data belonging to current and former individuals served by Community Bridges and employees.

 On March 1, 2022, Community Bridges discovered it was the victim of a sophisticated cybersecurity attack affecting the digital network. Community Bridges took immediate steps to secure the network environment and engaged cybersecurity experts to assist with an investigation. The investigation determined that an unknown actor gained access to and obtained data from the Community Bridges network without authorization. After a thorough investigation, on July 29, 2022, it was determined that certain personal information was potentially involved in the incident. Community Bridges then took steps to identify current contact information and to notify affected individuals and to provide complimentary identity protection and credit monitoring services.  

 The following personal and protected health information may have been involved in the incident: name, address, Social Security number, government identification number, medical information, health insurance information, and/or date of birth.

As soon as it discovered the incident, Community Bridges took the steps referenced above. Community Bridges also notified the Federal Bureau of Investigation and will provide whatever cooperation is necessary to hold the perpetrators accountable, if possible. Community Bridges takes the security and privacy of personal information in its possession very seriously and is taking additional steps to prevent a similar event from occurring in the future.

 To date, Community Bridges is not aware of any evidence of the misuse of any information potentially involved in this incident.  However, beginning on August 24, 2022, Community Bridges mailed notice of this incident to potentially impacted individuals.  In this notification letter, Community Bridges provided information about the incident and about steps that potentially affected individuals can take to protect their information.  Community Bridges also offered individuals access to complimentary credit monitoring and identity protection services through IDX. 

 Community Bridges has established a toll-free call center to answer questions about the incident and to address related concerns. Call center representatives are available Monday through Friday between 9:00 am – 9:00 pm Eastern Time and can be reached at 1-833-764-2095. Individuals can also access information regarding the incident, services, and steps you can take to protect your information online at https://response.idx.us/account-creation/protect. All potentially affected individuals may qualify for complimentary credit monitoring and identity protection services through IDX.  Individuals who have not received a notification letter must obtain verification of eligibility through the call center to enroll in services.

 The privacy and protection of personal and protected health information is a top priority for Community Bridges, which deeply regrets any inconvenience or concern this incident may cause.

While we are not aware of the misuse of any potentially affected individual’s information, we are providing the following information to help those who want to know more about steps they can take to protect themselves and their personal information:

 What steps can I take to protect my personal information?

• Please notify your financial institution immediately if you detect any suspicious activity on any of your accounts, including unauthorized transactions or new accounts opened in our name that you do not recognize. You should also promptly report any fraudulent activity or any suspected incidents of identity theft to proper law enforcement authorities.
• You can request a copy of your credit report, free of charge, directly from each of the three nationwide credit reporting agencies. To do so, free of charge once every 12 months, please visit www.annualcreditreport.com or call toll free at 1-833-365-2599. Contact information for the three nationwide credit reporting agencies is listed at the bottom of this page.

• You can take steps recommended by the Federal Trade Commission to protect yourself from identity theft. The FTC’s website offers helpful information at www.ftc.gov/idtheft.

• Additional information on what you can do to better protect yourself is included in your notification letter.

How do I obtain a copy of my credit report?

You can obtain a copy of your credit report, free of charge, directly from each of the three nationwide credit reporting agencies.  To order your credit report, free of charge once every 12 months, please visit www.annualcreditreport.com   or call toll free at 1-877-322-8228. Use the following contact information for the three nationwide credit reporting agencies:

TransUnion P.O. Box 1000 Chester, PA 19016 1-800-916-8800 www.transunion.com

Experian P.O. Box 9532 Allen, TX 75013 1-888-397-3742 www.experian.com

Equifax P.O. Box 105851 Atlanta, GA 30348 1-800-685-1111 www.equifax.com

How do I put a fraud alert on my account?

You may consider placing a fraud alert on your credit report. This fraud alert statement informs creditors to possible fraudulent activity within your report and requests that your creditor contact you prior to establishing any accounts in your name. To place a fraud alert on your credit report, contact Equifax, Experian or TransUnion and follow the Fraud Victims instructions. To place a fraud alert on your credit accounts, contact your financial institution or credit provider. Contact information for the three nationwide credit reporting agencies is included in the letter and is also listed at the bottom of this page.

How do I put a security freeze on my credit reports?

You also have the right to place a security freeze on your credit report. A security freeze is intended to prevent credit, loans, and services from being approved in your name without your consent. To place a security freeze on your credit report, you need to make a request to each consumer reporting agency. You may make that request by certified mail, overnight mail, or regular stamped mail, or online by following the instructions found at the websites listed below. You will need to provide the following information when requesting a security freeze (note that if you are making a request for your spouse, this information must be provided for him/her as well): (1) full name, with middle initial and any suffixes; (2) Social Security number; (3) date of birth; (4) address. You may also be asked to provide other personal information such as your email address, a copy of a government-issued identification card, and a copy of a recent utility bill or bank or insurance statement. It is essential that each copy be legible, display your name and current mailing address, and the date of issue. There is no charge to place, lift, or remove a freeze. You may obtain a security freeze by contacting any one or more of the following national consumer reporting agencies:

What should I do if my family member was involved in the incident and is deceased?

You may choose to notify the three major credit bureaus, Equifax, Experian and Trans Union, and request they flag the deceased credit file. This will prevent the credit file information from being used to open credit. To make this request, mail a copy of your family member’s death certificate to each company at the addresses below.

What should I do if my minor child or protected person’s information was involved in the incident?

 You can request that each of the three national credit reporting agencies perform a manual search for a minor’s or protected person’s Social Security number to determine if there is an associated credit report. Copies of identifying information for the minor and parent/guardian may be required, including birth or adoption certificate, Social Security card and government issued identification card. If a credit report exists, you should request a copy of the report and immediately report any fraudulent accounts to the credit reporting agency. You can also report any misuse of a minor’s information to the FTC at https://www.identitytheft.gov/. For more information about Child Identity Theft and instructions for requesting a manual Social Security number search, visit the FTC website:

https://www.consumer.ftc.gov/articles/0040-child-identity-theft. Contact information for the three national credit reporting agencies may be found above.

 PDF Version of the Above Notice

Back To All Announcements