Arthur J. Gallagher & Co. (“Gallagher”) is providing notice of a recent event that may affect the security of certain information.
On September 26, 2020, Gallagher detected a ransomware event impacting our internal systems. Gallagher promptly took its systems offline as a precautionary measure, initiated response protocols, notified law enforcement, launched an investigation with the assistance of third-party cybersecurity and forensic specialists, and implemented its business continuity plans to minimize disruption to its customers, and ensure the ongoing security of its systems. Working with the cybersecurity and forensic specialists to determine what may have happened and what information may have been affected, Gallagher determined that an unknown party accessed or acquired data contained within certain segments of our network between June 3, 2020 and September 26, 2020.
While the investigation was able to confirm that certain systems were accessed, it was unable to confirm what information within those systems was actually accessed. Therefore, in an abundance of caution, Gallagher conducted an extensive review of the entire contents of the impacted systems and is notifying impacted individuals. On May 24, 2021 Gallagher’s investigation confirmed that the impacted data included information relating to certain individuals. Gallagher continued to work through June 23, 2021 to begin notifying our business partners and to obtain address information for impacted individuals to provide accurate notice to impacted parties. This review determined that one or more of the following types of information associated with certain individuals were present on impacted systems: Social Security number or tax identification number, driver’s license, passport or other government identification number, date of birth, username and password, employee identification number, financial account or credit card information, electronic signature, medical treatment, claim, diagnosis, medication or other medical information, health insurance information, medical record or account number, and biometric information. Gallagher is notifying potentially affected individuals by this posting, notification on its website, and by mailing letters to potentially affected individuals and entities.
Gallagher established a dedicated assistance line for individuals seeking additional information regarding this event. Individuals may call our toll-free assistance line at (855) 731-3320 Monday through Friday (excluding U.S. holidays), during the hours of 8:00 a.m. to 8:00 p.m., Central Time. Individuals may also write to Gallagher at 2850 W. Golf Rd., Rolling Meadows, IL 60008.
Individuals can also find additional information on how they can protect their information as well as obtain additional resources on the Gallagher website www.ajg.kroll.com and in the letters they will receive by mail. Gallagher encourages potentially affected individuals to remain vigilant against incidents of identity theft by reviewing account statements and credit reports for unusual activity and report any suspicious activity immediately to your financial institution.
Steps You Can Take to Help Protect Your Information
Enroll in Identity Monitoring
We have secured the services of Kroll to provide identity monitoring at no cost to you for two years. Kroll is a global leader in risk mitigation and response, and their team has extensive experience helping people who have sustained an unintentional exposure of confidential data. Your identity monitoring services include Credit Monitoring, Fraud Consultation, and Identity Theft Restoration.
Visit www.ajg.kroll.com to activate and take advantage of your identity monitoring services.
Your Identity Monitoring Services Include:
Single Bureau Credit Monitoring
You will receive alerts when there are changes to your credit data – for instance, when a new line of credit is applied for in your name. If you do not recognize the activity, you’ll have the option to call a Kroll fraud specialist, who can help you determine if it’s an indicator of identity theft.
Fraud Consultation
You have unlimited access to consultation with a Kroll fraud specialist. Support includes showing you the most effective ways to protect your identity, explaining your rights and protections under the law, assistance with fraud alerts, and interpreting how personal information is accessed and used, including investigating suspicious activity that could be tied to an identity theft event.
Identity Theft Restoration
If you become a victim of identity theft, an experienced Kroll licensed investigator will work on your behalf to resolve related issues. You will have access to a dedicated investigator who understands your issues and can do most of the work for you. Your investigator can dig deep to uncover the scope of the identity theft, and then work to resolve it.
Monitor Accounts, Financial, and Medical Billing Statements
Under U.S. law, a consumer is entitled to one free credit report annually from each of the three major credit reporting bureaus, Equifax, Experian, and TransUnion. To order your free credit report, visit www.annualcreditreport.com or call, toll-free, 1-877-322-8228. You may also directly contact the three major credit reporting bureaus listed below to request a free copy of your credit report.
Consumers have the right to place an initial or extended “fraud alert” on a credit file at no cost. An initial fraud alert is a 1-year alert that is placed on a consumer’s credit file. Upon seeing a fraud alert display on a consumer’s credit file, a business is required to take steps to verify the consumer’s identity before extending new credit. If you are a victim of identity theft, you are entitled to an extended fraud alert, which is a fraud alert lasting seven years. Should you wish to place a fraud alert, please contact any one of the three major credit reporting bureaus listed below.
As an alternative to a fraud alert, consumers have the right to place a “credit freeze” on a credit report, which will prohibit a credit bureau from releasing information in the credit report without the consumer’s express authorization. The credit freeze is designed to prevent credit, loans, and services from being approved in your name without your consent. However, you should be aware that using a credit freeze to take control over who gets access to the personal and financial information in your credit report may delay, interfere with, or prohibit the timely approval of any subsequent request or application you make regarding a new loan, credit, mortgage, or any other account involving the extension of credit. Pursuant to federal law, you cannot be charged to place or lift a credit freeze on your credit report. To request a security freeze, you will need to provide the following information:
- Full name (including middle initial as well as Jr., Sr., II, III, etc.);
- Social Security number;
- Date of birth;
- Addresses for the prior two to five years;
- Proof of current address, such as a current utility bill or telephone bill;
- A legible photocopy of a government-issued identification card (state driver’s license or ID card, military identification, etc.); and
- A copy of either the police report, investigative report, or complaint to a law enforcement agency concerning identity theft if you are a victim of identity theft.
Should you wish to place a fraud alert or credit freeze, please contact the three major credit reporting bureaus listed below:
For more such updates and perspectives around Digital Innovation, IoT, Data Infrastructure, AI & Cybsercurity, go to AI-Techpark.com.
