On August 6, 2021, the recruiting agency Career Group, Inc. (“Career Group”) experienced a data breach affecting the personal information of nearly 50,000 consumers. Later that month, on August 31, 2021, Career Group publicly announced that an unauthorized party accessed sensitive information, which included affected parties’ names and social security numbers. In an interesting turn of events, the unauthorized party subsequently informed Career Group that the data had been destroyed and was not further distributed to others. Given this recent news, all current and former employees of Career Group who were impacted by the breach are at an increased risk of experiencing identity theft or other financial losses related to the misuse of their personal information.
If you recently received a data breach letter from Career Group, it is essential that you treat the situation with the seriousness it deserves. Additionally, you may be eligible for financial compensation through a data breach lawsuit if evidence emerges that Career Group mishandled the data leading up to the breach.
Can Data Breach Victims Hold Career Group Financially Liable?
When you sought Career Group’s assistance to help you find a job or assist with the onboarding of a new employee, you never expected your decision would result in your personal information ending up in the hands of a total stranger. However, that is exactly what appears to have happened here.
Businesses like Career Group have an obligation to protect consumers’ personal, identifying and financial information. If a business does not safeguard consumers’ data, consumers can pursue a data breach lawsuit against the company. Of course, data breach and consumer privacy laws are quite complex, and it is too early to tell if Career Group’s negligence played a role in the data breach. However, our data breach law firm is currently investigating whether there is a possible class action data breach lawsuit against Career Group, Inc. If you have questions about your ability to bring a Career Group class action lawsuit, it is important you reach out to a data breach lawyer as soon as possible.
Protecting Yourself in the Wake of the Career Group Data Breach
If Career Group, Inc. sent you a data breach notification, the situation deserves your attention. This notice indicates that an unauthorized third party accessed your personal information. Why the third party sought out your data is unclear; however, often, cybercriminals hack systems to obtain information that can later be used to assume the identity of the victim. Other times, they sell the information to the highest bidder. Either way, the result is the same: your information ends up in the hands of a total stranger. While this doesn’t necessarily mean that you will be the victim of identity theft, it is a possibility you shouldn’t ignore. Thus, it is important that you take the following steps to protect yourself from identity theft and the other possible financial risks that can step from a data breach:
Carefully read the data breach letter from Career Group to determine what information was compromised;
Keep a copy of the letter for your records;
Sign up for the free credit monitoring service provided by Career Group, Inc.;
Change the passwords for all online accounts;
Frequently check your bank accounts and credit cards for any signs of suspicious activity, fraud, or identity theft;
Regularly monitor your credit report for any unexpected changes that may indicate unauthorized activity;
Contact one of the major credit bureaus and request they add a fraud alert to your account; and
Notify your banks and credit card companies of the data breach.
About Career Group, Inc.
Career Group is a recruiting firm that connects employers with potential employees across various types of positions, including corporate services; creative and digital services; event staffing services; fashion, beauty, and lifestyle services; and executive services. The company was founded in 1981 by Susan Levine and is currently headquartered in Los Angeles, California. However, Career Group operates offices in San Francisco, New York, Los Angeles, Miami and Greenwich, CT.
The Details of the Career Group, Inc. Consumer Data Breach
According to the company’s most recent data breach letter, on July 2, 2020, Career Group noticed signs of unauthorized activity on one of the company’s networks. In response, Career Group retained the services of a cybersecurity firm, which determined that an unauthorized party may have viewed and removed sensitive information relating to nearly 50,000 customers. It was also discovered that the data was accessible to the third party between June 28, 2021, and July 7, 2021.
While it is unclear how Career Group determined the identity of the unauthorized third party, the company reports that it has received assurances from the third party that all consumer information has been destroyed and was not passed on to other parties.
Below is a copy of the data breach letter issued by Career Group, Inc. (a copy of the actual notice sent to consumers can be found here):
We are writing with important information regarding a recent security incident. The privacy and security of the personal information we maintain is of the utmost importance to Career Group Companies. We wanted to provide you with information about the incident, explain the services we are making available to you, and let you know that we continue to take significant measures to protect your personal information.
On July 2, 2021, Career Group Companies detected potential unauthorized access to its network.
What We Are Doing
Upon learning of this issue, we contained and secured the threat, commenced a prompt and thorough investigation, and notified law enforcement. We immediately launched an investigation in consultation with outside cybersecurity professionals who regularly investigate and analyze these types of situations to help determine whether any sensitive data had been compromised because of the incident. Our investigation determined that the unauthorized party potentially removed certain files and folders from portions of our network between June 28, 2021 and July 7, 2021. We received assurances from the unauthorized party that the data removed from our environment was permanently deleted and not further disseminated.
What Information Was Involved
On August 6, 2021, following an extensive review and analysis of the data at issue, we determined that certain files and folders potentially removed from our network contained your Given the unauthorized network access, potential acquisition of certain files and the value we place on our relationship with you, we wanted to notify you about this incident.
What You Can Do
To date, we are not aware of any reports of identity theft arising out of this incident. Nevertheless, out of an abundance of caution, we want to make you aware of the incident. To protect you from potential misuse of your information, we are offering a complimentary one-year membership of Experian IdentityWorksSM Credit 3B. This product helps detect possible misuse of your personal information and provides you with identity protection services focused on immediate identification and resolution of identity theft. IdentityWorks Credit 3B is completely free to you and enrolling in this program will not hurt your credit score. For more information on identity theft prevention and IdentityWorks Credit 3B, including instructions on how to activate your complimentary one-year membership, please see the additional information provided in this letter.
This letter also provides other precautionary measures you can take to protect your personal information, including placing a Fraud Alert and Security Freeze on your credit files, and obtaining a free credit report. Additionally, you should always remain vigilant in reviewing your financial account statements and credit reports for fraudulent or irregular activity on a regular basis.
For More Information
Please accept our apologies that this incident occurred. We are committed to maintaining the privacy of personal information in our possession and have taken many precautions to safeguard it. We continually evaluate and modify our practices and internal controls to enhance the security and privacy of your personal information.
If you have any further questions regarding this incident, please call our dedicated and confidential toll-free response line that we have set up to respond to questions at [phone number redacted]. This response line is staffed with professionals familiar with this incident and knowledgeable on what you can do to protect against misuse of your information. The response line is available Monday through Friday, 8:00 am to 5:30 pm Central Time.