Earlier this year, American Pool Enterprises (“American Pool”) issued a news release indicating that some files stored on the company’s network that contained sensitive consumer information may have been accessed by an unauthorized third-party. The company expects the recent data breach to impact nearly 60,000 consumers. On September 27, 2021, American Pool released a data breach announcement to all affected individuals, explaining that the compromised information includes the names, addresses and Social Security numbers of affected consumers. Data breaches such as the one reported by American Pool Enterprises pose a serious risk of identity theft and other financial losses to all affected consumers.
If you are among those who received a data breach alert from American Pool Services Financial, it is imperative that you take immediate action to protect your interests. Anyone whose information was compromised in the breach may also be eligible for financial compensation through a data breach lawsuit if evidence emerges that American Pool mishandled their information.
Can American Pool Be Held Financially Responsible to Those Impacted by the Data Breach?
Would you have done business with American Pool Services if you knew your personal information was going to end up in the hands of a possible criminal? Companies have a legal duty to protect consumers’ personal, identifying and financial information. If a business mishandles consumer data, it may be financially responsible for any resulting damages. However, data breach and consumer privacy laws are complex, and there is not enough information to know whether American Pool mishandled consumer information. Our data breach attorneys are currently investigating whether there is a possible class action lawsuit against American Pool Enterprises based on the recent data breach. If you have questions about your ability to bring an American Pool Enterprises class action lawsuit, it is important you reach out to a data breach lawyer as soon as possible.
How to Protect Yourself in the Wake of the American Pool Enterprises Cyberattack
If you received a data breach notification letter from American Pool Enterprises, it doesn’t necessarily mean that someone will use your personal information to steal your identity or engage in other criminal activity. However, this is a possibility that should not be ignored. Given the increasing number of identity theft crimes, it is important that you consider taking the following steps to protect yourself from the financial risks associated with a data breach, including:
Read the American Pool data breach notification letter in full to determine which information was compromised;
Make a copy of the data breach letter and keep it in your records;
Sign up for the free credit monitoring service provided by American Pool Enterprises;
Change all your online account passwords, using a unique password for each site;
Regularly check your bank account and credit report for any signs of unauthorized activity, fraud, or identity theft;
Reach out to one of major credit bureaus to request they add a fraud alert to your account; and
Notify your banks and credit card companies of the data breach.
About American Pool Enterprises
Founded in 1984, American Pool Enterprises is one of the largest swimming pool companies in the United States. American Pool manages, maintains and builds commercial swimming pools and recreational facilities. The company operates in 16 states and the District of Columbia through 26 wholly-owned subsidiaries. a publicly-traded company that provides customer experienced services technology and related services. In total, American Pool serves more than 3,000 commercial swimming pools and over 9,400 residential pools. American Pool Enterprises generates about $54 million in annual revenue.
The Details of the American Pool Enterprises Consumer Data Breach
According to American Pool’s most recent news release, on August 1, 2021, the company realized that it could not access certain files on its network. Upon discovery of the cybersecurity incident, American Pool enlisted the assistance of computer forensic specialists, who determined that the affected files may have been accessed by an unauthorized third party. While the investigation is ongoing, American Pool believes that the unauthorized party had access to the files between July 31, 2021 and August 1, 2021.
After reviewing the compromised files, American Pool determined that the files contained the names, addresses, and Social Security numbers of 59,749 individuals. On September 27, 2021, the American Pool Enterprises sent out data breach notification letters to all parties impacted by the hacking event.
Below is a copy of the data breach letter issued by American Pool Enterprises (a copy of the actual notice sent to consumers can be found here). The copy below is unedited.
American Pool Enterprises Inc. (“American Pool”) is writing to inform you about an incident which may impact the security of some of your information. The confidentiality, privacy, and security of information in American Pool’s care is one of our highest priorities. We are providing you with information about the event, our response, and steps you may take to better protect your information, should you feel it is appropriate to do so.
On August 1, 2021, American Pool discovered that it could not access files on certain servers. American Pool immediately launched an investigation into the incident, with the assistance of third-party computer forensic specialists. That investigation is ongoing, but determined that certain files within the American Pool network were subject to unauthorized access. As a result, we took steps to identify what information was contained within the impacted files, and to whom that information belonged. American Pool then took steps to identify contact information for the impacted individuals. That process completed on August 25, 2021. We are notifying those individuals whose information was impacted by the incident.
What information was involved?
The impacted information relating to you includes name, address, and Social Security number. At this time, there is no indication that your information has been subject to actual or attempted misuse.
What Are We Doing?
American Pool takes the confidentiality and security of information very seriously. We promptly investigated this incident and took steps to secure our systems. We also implemented additional security measures and are reviewing and enhancing existing policies and procedures to reduce the likelihood of a similar future event. As an added precaution, we are providing you with access to complimentary identity monitoring services through Kroll for one year.
What Can You Do?
We encourage you to remain vigilant against incidents of identity theft and fraud and to review your account statements and free credit reports for suspicious activity and to detect errors. We also encourage you to review the “Steps You Can Take to Help Protect Your Information” section of this letter.
For More Information.
We understand you may have additional questions not addressed by this letter. If you have questions, please call our dedicated assistance line at 1-???-???-???? during 8:00 am to 5:30 pm Central Time, Monday through Friday.
We regret any inconvenience or concern caused by this incident.