Information Security

Safer Foundation Provides Notice of Data Privacy Incident

Safer Foundation is providing notice of a recent event that may impact the privacy of certain individuals’ information. Safer Foundation is unaware of any actual or attempted misuse of individuals’ information as a result of this event but is providing details about the event, steps it has taken in response, and resources available to help individuals better protect their information, should they feel it is appropriate to do so.

What Happened? Safer Foundation experienced a data security event that impacted computer system operations and caused a temporary disruption to certain client services. Safer Foundation immediately launched an investigation to determine the nature and scope of the incident. As part of its investigation into the root cause of the incident, Safer Foundation’s email system was reviewed for evidence of suspicious activity. Through that review, Safer Foundation confirmed that two employee email accounts, which could have contained sensitive information, had been subject to unauthorized access intermittently between July 24 and August 31, 2020. However, the investigation was unable to determine which, if any, emails and attachments in these accounts were viewed by the unauthorized actor. Therefore, Safer Foundation conducted a thorough review of the potentially at-risk contents of the accounts to determine whether they contained any sensitive information. When Safer Foundation received the results of this review, it determined that certain sensitive information was accessible in the email accounts during the period of unauthorized access. As such, Safer Foundation undertook efforts to locate address information for potentially impacted individuals and determine its relationship to those individuals in order to provide accurate and complete notices.

What Information Was Involved? Safer Foundation cannot confirm if the unauthorized actor(s) accessed or viewed any specific information relating to individuals. However, Safer Foundation recently determined that the information present in one of the impacted accounts and therefore accessible at the time of the incident included a combination of certain individuals’ names, driver’s license numbers / state identification numbers, financial account information, Social Security numbers, passport numbers, payment card information, medical information, and/or online account credentials (i.e. usernames and passwords). Please note that the information varies by individual and for many individuals, a limited number of data types were determined to be accessible.

What Safer Foundation Is Doing. Safer Foundation has taken steps to enhance the security of its systems, including resetting the affected employees’ email account passwords. As part of its ongoing commitment to the privacy and security of information in its care, Safer Foundation is providing enhanced training to employees regarding data privacy and information security best practices. Safer Foundation is in the process of reviewing its existing policies and procedures to mitigate any risks associated with this event and to better prevent future events.

As an added precaution, Safer Foundation is providing affected individuals access to complimentary credit monitoring and identity restoration services through Kroll, along with guidance on how to better protect against the possibility of information misuse.

What You Can Do. Individuals can find out more about how to protect themselves generally against the potential misuse of information by reviewing guidance on Safer Foundation’s website titled Steps You Can Take to Protect Information. You may access that information by visiting the Notice of Privacy Event posted at https://saferfoundation.org/notice-of-privacy-event/. The guidance provides additional information regarding fraud alerts and security freezes, as well as contact information for the nationwide consumer reporting agencies. Individuals will also find further information about the services Safer Foundation is offering to eligible individuals on its website via the hyperlink above.

For more such updates and perspectives around Digital Innovation, IoT, Data Infrastructure, AI & Cybsercurity, go to AI-Techpark.com.

Related posts

Cygilant & SentinelOne Offers Businesses Automated Cybersecurity

Business Wire

Ventiv Technology Appoints Jennifer Butts as New VP of InfoSec

Business Wire

Aware, Inc., achieves SOC 2 Type I compliance for AwareID

GlobeNewswire