On August 23, 2022, Community Loan Servicing, LLC (“CLS”) confirmed that the company experienced a data breach after an unauthorized party gained access to sensitive consumer data contained on CLS’s network. According to CLS, the breach resulted in the names, Social Security numbers, and financial account information (such as credit/debit card numbers and bank account information) being compromised. Recently, CLS sent out data breach letters to all affected parties, informing them of the incident and what they can do to protect themselves from identity theft and other frauds.
If you received a data breach notification, it is essential you understand what is at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the Community Loan Servicing data breach, please see our recent piece on the topic here.
What We Know About the Community Loan Servicing Data Breach
The Community Loan Servicing breach was only very recently reported, so information about the breach is very limited. However, based on the company’s filings with the Attorney General of Texas, the breach involved the names, Social Security numbers and financial account information of 7,218 people in Texas alone. It remains to be seen how many victims of the breach there were in total.
On August 23, 2022, Community Loan Servicing sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
Community Loan Servicing, LLC is a loan servicing company based in Coral Gables, Florida. The company purchases loans from banks and other originating institutions and then takes over the receipt of payments. Community Loan Servicing also provides loan support to borrowing parties, for example, by making arrangements for those experiencing financial hardships. Community Loan Servicing employs more than 248 people and generates approximately $53 million in annual revenue.
What Can Cyber Criminals Do with Your Sensitive Information?
Hackers and cybercriminals are always coming up with new ways to obtain consumers’ sensitive information. But how can a hacker profit off of your stolen information? If you are like most people, you understandably assume the risks of a data breach are limited to identity theft or unauthorized transactions; however, the reality is that the harms of a data breach can be far worse. This is especially the case when your Social Security number or financial account information gets leaked.
Criminals have a few different ways to profit off of stolen information.
Fraudulent Utility Accounts
According to the Federal Trade Commission, 13 percent of fraud incidents in 2016 involved the creation of new phone and utility accounts. To open up a utility account, all a hacker needs is your name, address and your Social Security number. While this may not seem like the worst consequence of a data breach, opening up your mailbox to find utility bills for thousands of dollars can be alarming. Not only that, but depending on the utility, the company may be able to place a lien on your home or garnish your wages if the bills go unpaid.
Unauthorized Credit Cards and Loans
Perhaps the most common harm of a data breach involves hackers using your information to open up a new line of credit. Most often, this means a hacker applies for a new credit card or personal loan in your name. Of course, to perpetrate this type of fraud, a hacker also needs your date of birth and address. However, that is of little consequence as once they have your name and Social Security number, obtaining the other information is usually a simple task. For example, a hacker may have access to your other information through another data breach, a database of previously compromised information, or by conducting an online search using the stolen information.
Tax Refund Fraud
A hacker who steals your Social Security number may be able to obtain your tax return by filing a fraudulent tax return on your behalf. Typically, this occurs in the early part of the year, before most people have filed their tax returns. Unfortunately, victims of tax refund fraud often don’t realize they’ve been targeted until the IRS rejects their tax return because it’s already been filed. To reduce the chances of a hacker successfully committing tax refund fraud, you should file your tax return as soon as possible.
Victims of a data breach should not adopt a “wait and see” approach because once the wheels of fraud are put into motion, the situation becomes much more difficult to resolve. Instead, victims should immediately reach out to a data breach lawyer to learn more about how they can protect themselves and what rights they have to pursue a legal claim against the company that leaked their information.