Data breaches involve an unauthorized person intentionally seeking out the personal, identifying and financial information of consumers, often with the intent to use the obtained information for criminal purposes. As a result, a data breach is a major threat to consumer privacy and increases a consumer’s risk of experiencing identity theft and suffering other financial harms. Recently, Ibex Global Solutions, Inc. (“Ibex Global Solutions”) announced that the company’s IT systems were the target of a malware attack, resulting in sensitive consumer data of more than 174,000 people being compromised. On August 6, 2021, the company sent a letter to all affected parties, informing them that their information may have been accessed by an unknown party.
Those who received an Ibex Global Solutions data breach letter should take it seriously. While it’s easy to disregard these notifications if you haven’t noticed any unauthorized activity on any of your accounts, that doesn’t mean it won’t happen in the future. If you recently received a data breach letter from Ibex Global Solutions, Inc., it is imperative that you take the necessary steps to protect yourself and your credit. Additionally, you may be eligible for financial compensation through a data breach class action lawsuit if evidence surfaces that Ibex Global Solutions, Inc. mishandled your data.
Can Consumers Hold Ibex Global Solutions, Inc. Financially Liable for the Data Breach?
Whenever you provide your information to a corporation such as Ibex Global Solutions, there is a small but significant risk that the company mishandles your information. Whether it be a company’s negligent storage of data or failure to maintain adequate cybersecurity protocol, companies can and should be held accountable when they fail to protect consumers’ sensitive information.
Companies like Ibex Global Solutions, Inc. have a legal obligation to protect the personal, identifying and financial information of consumers. While this requires companies to devote time and money to develop security measures, these are merely costs of doing business in a society where cybercrime is rampant. If a business fails to protect consumers’ sensitive information, it may be liable through a data breach class action lawsuit. However, data breach laws are complicated, and it is too early to say whether Ibex Global Solutions, Inc. failed to implement the necessary security systems or otherwise protect against the risk of a breach. However, our data breach law firm is currently investigating whether there is a possible class action data breach lawsuit against Ibex Global Solutions, Inc. If you have questions about whether you can bring an Ibex Global Solutions, Inc. class action lawsuit, reach out to a data breach attorney as soon as possible.
What to Do if You Received an Ibex Global Solutions, Inc. Data Breach Letter
If Ibex Global Solutions, Inc. sent you a data breach notification letter, it is important you consider the impact of what just happened. Essentially, Ibex Global Solutions, Inc. is informing you that an unauthorized person—very likely a criminal—gained access to the company’s servers and may have accessed, viewed, and retained your information. While Ibex Global Solutions, Inc. cannot tell why the third party engaged in the cyberattack, it is essential that you take the necessary steps to protect yourself. Below are a few important steps to reduce the likelihood of identity theft and the other possible consequences of a data breach:
Carefully read the Ibex Global Solutions, Inc. data breach letter to determine what information of yours was accessible to the unauthorized party;
Make a copy of the data breach letter for your records;
Enroll in the free credit monitoring service provided by Ibex Global Solutions, Inc.;
Change all your passwords for online accounts;
Regularly review your credit card and bank account statements for any signs of suspicious activity;
Monitor your credit report for any unexpected changes that may be an indication of identity theft;
Reach out to one of the major credit bureaus and request a fraud alert be added to your profile; and
Notify your banks and credit card companies of the data breach.
About Ibex Global Solutions, Inc.
IBEX Global is a provider of business process outsourcing services, focusing on improving the customer experience for its corporate clients. In this role, Ibex Global helps other companies by taking over certain aspects of running the business, ensuring these processes are run smoothly and result in a positive customer experience. Ibex Global Solutions has 18 business centers in five countries and employs more than 7,000 people. Ibex Global generates about $529 million in revenue each year.
The Details of the Ibex Global Solutions, Inc. Consumer Data Breach
According to the official sources, on August 17, 2020, Ibex Global Solutions learned that the company’s systems were the subject of a malware attack. After investigating the incident, with the assistance of third-party computer specialists, it was determined that the hacker may have accessed information related to 174,862 individuals. While the scope of the compromised information was not disclosed by Ibex Global, the company believes that the breach spanned the period between July 27, 2020 and August 17, 2020. On August 6, 2021, after the company reviewed the report of the third-party specialists retained to investigate the incident, Ibex Global sent data breach notification letters to all parties impacted by the cybersecurity event.
Below is a copy of the data breach letter issued by Ibex Global Solutions, Inc. (the actual notice sent to consumers can be found here). The copy below is unedited.
Ibex Global Solutions, Inc. (“Ibex”) writes to make you aware of an incident that potentially affects the security of your information. This letter provides details of the incident, our response, and resources available to you to help protect your personal information from possible misuse, should you feel it is appropriate to do so.
On August 17, 2020, Ibex learned that it was the victim of a malware attack that impacted the availability of a limited segment of our systems. We immediately took these systems offline and, with the assistance of third-party computer specialists, launched an investigation to determine the nature and scope of the incident. On or about September 15, 2020, the investigation confirmed that certain files on our systems may have been accessed without authorization between July 27 and August 17, 2020. We therefore undertook a meticulous and time-intensive review of the potentially impacted files and our internal systems in order to identify the information that was involved and to whom it related. In connection with this review, on or about September 29, 2020, a third-party firm was engaged to review the potentially impacted files. Ibex, upon receiving and validating the findings of the third-party firm, on or about June 14, 2021, determined that one or more of the potentially impacted folders included information related to individuals.
In conjunction and collaboration with the third-party review team, Ibex continued to diligently review and reconcile the information with internal and public records in furtherance of identifying the individuals to whom the data relates and the appropriate contact information for those individuals. These efforts were completed on or around July 11, 2021, at which time Ibex determined the scope of impacted individuals and the types of protected data associated with those individuals.
We thereafter worked to provide notification to potentially impacted individuals as quickly as possible. Importantly, there is no indication that your specific information was accessed or misused. However, we are notifying potentially impacted individuals out of an abundance of caution.
What information was involved?
Our investigation determined that the information related to you that may have been potentially affected includes your name, <>.
What we are doing?
Information security is among Ibex’s highest priorities, and we have strict security measures in place to protect information in our care. Upon discovering this incident, we immediately took steps to review and reinforce the security of our systems. We have implemented additional cybersecurity measures to further protect against similar incidents moving forward. We reported this incident to law enforcement and are cooperating with their investigation. We are notifying potentially impacted individuals, including you, so that you may take steps to protect your information.
As an added precaution, we are also offering <> months of complimentary access to credit monitoring, fraud consultation, and identity theft restoration services through Equifax. Individuals who wish to receive these services must enroll by following the enrollment instructions found in the enclosed Steps You Can Take to Help Protect Your Personal Information.
What can you do?
We encourage you to remain vigilant against incidents of identity theft and fraud by reviewing your account statements and monitoring your free credit reports for suspicious activity and to detect errors. You can find out more about how to protect your information in the enclosed Steps You Can Take to Help Protect Your Personal Information. There you will also find more information on the credit monitoring services we are offering and how to enroll.
For More Information.
We understand that you may have questions about this incident that are not addressed in this letter. If you have additional questions, please call our dedicated assistance line at 866-871-8614 Monday through Friday from 9 am to 9 pm Eastern Time.
We take this incident very seriously and sincerely regret any inconvenience or concern this incident caused you.