On August 23, 2022, Axel Royal LLC (“Axel”) reported a data breach on the company’s website as well as with various state attorney general offices. According to Axel, the breach resulted in the names, driver’s license numbers, state ID numbers, financial account information, payment card information, medical information, health insurance information, Social Security numbers, passport numbers, biometric data, and online account credentials of certain individuals being compromised. After confirming the breach and identifying all affected parties, Axel Royal began sending out data breach letters to all affected parties.
If you received a data breach notification, it is essential you understand what is at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the Axel Royal data breach, please see our recent piece on the topic here.
What We Know About the Axel Royal Data Breach
The information about the Axel Royal LLC data breach comes from two sources: the notice posted on the company’s website as well as an official filing with the Montana Attorney General’s Office. According to the most recent information, Axel Royal recently learned of a data security incident that impacted the company’s computer system and may have compromised the security of consumer data in the company’s possession. While Axel Royal did not provide the date it discovered the incident, the company notes that as soon as it learned of the breach, it opened an investigation with the assistance of third-party cybersecurity professionals.
The Axel Royal investigation confirmed that an unauthorized party gained access to the company’s computer network between February 8, 2022 to March 7, 2022, and copied certain files stored on the network during that period.
Believing that sensitive consumer data may have been accessible to the unauthorized party, Axel Royal began the process of reviewing all affected files to determine what information was compromised and which consumers were impacted by the incident. While the breached information varies depending on the individual, it may include your name, driver’s license number, state ID number, financial account information, payment card information, medical information, health insurance information, Social Security number, passport number, biometric data, and online account credentials.
On August 23, 2022, Axel Royal sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
More Information About Axel Royal LLC
Based in Tulsa, Oklahoma, Axel Royal LLC is a manufacturing company that produces lubricating oil and grease products. Primarily, Axel Royal serves customers in the following industries: agriculture, automotive, biodegradable, construction, food grade, forestry, industrial, marine, mining, oil and natural gas, and transportation. Axel Royal employs more than 93 people and generates approximately $21 million in annual revenue.
How Hackers Use Social Security Numbers to Defraud Consumers
The main purpose of most cyberattacks is to obtain sensitive information that can be used to commit various types of fraud. Hackers and cybercriminals are constantly developing new ways to obtain consumers’ personal, financial and protected health information. But how can cybercriminals profit off of your stolen information?
If you haven’t been through a data breach before, you may assume that it would be as easy as making a few phone calls to clear up any unauthorized use of your information. However, that is not necessarily the case, especially when hackers obtain your Social Security number.
Criminals have a few different ways to profit off of stolen Social Security numbers; below are a few of the most common.
Open Credit Cards or Take Out Loans
Perhaps the most frequently perpetrated fraud after a data breach involves hackers using your information to open up a new line of credit. Typically, this involves a hacker applying for a loan or credit card in a victim’s name. While a hacker would also need your date of birth and address to open an account, once they have your name and Social Security number obtaining the other information isn’t challenging. For example, a hacker might be able to access your information if it was leaked in a different data breach or by running a quick online search using the information they already have.
Tax Refund Fraud
A hacker who steals your Social Security number can file a fraudulent tax return on your behalf. The idea behind this type of fraud is to intercept your tax refund. Unfortunately, victims of tax refund fraud often don’t realize they’ve been targeted until the IRS rejects their tax return because it’s already been filed. To reduce the chances of a hacker successfully committing tax refund fraud, you should file your tax return as soon as possible.
Open Fraudulent Utility Accounts
To open up a utility account, all a hacker needs is your name, address and your Social Security number. While this may seem like a minor issue, imagine opening your mailbox to find a past-due utility bill for thousands of dollars. According to the Federal Trade Commission, 13 percent of fraud incidents in 2016 involved the creation of new phone and utility accounts. So, while this isn’t the most common type of fraud, it still occurs with startling frequency.
Victims of a data breach who want to learn more about the steps they can take to protect themselves and whether they have a legal claim against the company that leaked their information should reach out to a data breach lawyer for assistance.