Data Breach Alert: StarTek, Inc.

Console and Associates, P.C.
Contact

Recently, StarTek, Inc. announced that the company experienced a data security event involving an unauthorized party gaining access to the company’s computer systems and removing certain data. According to a company news release, on June 26, 2021, StarTek, Inc. experienced a “network disruption.” After conducting a follow-up investigation, the company learned that an unauthorized party unknown actor gained access to and obtained data from the StarTek network without authorization. This information included the first names, last names, Social Security numbers, and dates of birth of the affected parties.

A data breach can occur in a number of ways. However, most often, they are the result of a hacker or other criminal actor breaching a company’s security system and accessing sensitive consumer information that is being stored on the company’s servers. Often, cybercriminals target those companies they know to employ weak or outdated data-security technology. Once a hacker successfully obtains consumer data, they may use that information to commit identity theft or to generate immediate profit by selling the data to the highest bidder.

Those affected by a data breach are significantly more likely to fall victim to identity theft or other potentially serious crimes. In fact, since 2020, identity theft crimes have become much more common. In many instances, identity thieves obtain the data they need to commit these crimes through a data breach. Given the risks, it is essential that anyone who received a data breach letter from StarTek, Inc. take the steps necessary to protect themselves from the risks that data breaches such as this one present.

Companies like StarTek, Inc. have a duty to protect your sensitive consumer data. Thus, if evidence emerges that StarTek, Inc. did not ensure adequate system security leading up to the data breach, you may be eligible for financial compensation through a data breach class action lawsuit.

Can Consumers Affected by the Recent Data Breach Sue StarTek, Inc?

When you provided StarTek, Inc. with your personal information, you trusted that the company would take your privacy seriously. Certainly, anyone in your position would assume that StarTek, Inc. would ensure the safety of their financial and personal information and take whatever steps were necessary to prevent the data from ending up in the possession of a potential criminal. However, news of the StarTek, Inc. data breach raises serious questions about the company’s data security measures in place at the time of the breach and, potentially, the company’s commitment to consumer privacy.

All businesses that obtain and store consumer data have an ethical and legal obligation to ensure it remains private. Of course, developing and maintaining a data-security system is an additional expense; however, it is also a necessary cost of doing business in an environment where hacking and cyberattacks are common.

If a business fails to protect consumers’ privacy, it may be liable through a data breach class action lawsuit. Of course, United States data breach laws are complex, and news of this data breach is very recent. As a result, at this time, there is no evidence that StarTek, Inc. was negligent in how it maintained consumer data or that its security systems were inadequate. However, our data breach lawyers are looking into the breach to determine what legal remedies affected consumers may have against StarTek, Inc.

If you have questions about your ability to bring a class action lawsuit against StarTek, Inc., it is essential that you contact a data breach attorney as soon as possible.

What to Do if You Received a Data Breach Notification from StarTek, Inc.

If you received a data breach letter from StarTek, Inc., you were among those whose personal data was compromised in the recent data breach. It also means a total stranger may have accessed, viewed, and retained your sensitive personal information. While no one can know with any certainty why a hacker wanted your information or what they intend to do with it, it is essential you protect yourself and your financial accounts by taking the following steps:

  • Carefully read the data breach letter sent by StarTek, Inc. to determine what information of yours was accessible;
  • Make a copy of the letter for your records;
  • Enroll in the free credit monitoring service provided by StarTek, Inc.;
  • Change all your passwords and security questions for any online accounts;
  • Enable two-factor or multi-factor authentication, where it is available;
  • Regularly review your credit card and bank account statements for any signs of suspicious activity;
  • Monitor your credit report for any unexpected changes that may be a sign of identity theft;
  • Contact one of the major credit bureaus to request they add a fraud alert to your profile; and
  • Notify your banks and credit card companies of the data breach.

About StarTek, Inc.

StarTek, Inc. is a customer experience (CX) business that helps other businesses manage the various interactions they have with customers. StarTek focuses on developing positive relationships and goodwill on behalf of the company’s corporate clients. For example, StarTek, Inc. helps companies manage their social media strategies, working to ensure a positive and consistent image is conveyed. StarTek, Inc. is a publicly-traded company on the New York Stock Exchange under the ticker “SRT.” According to the company’s most recently filed financial statements, Starek, Inc. generated revenue of over $640 million in 2020.

The Details of the StarTek, Inc. Consumer Data Breach

According to the most recent data breach letter issued by StarTek, Inc., on June 26, 2021, the company experienced what the company characterizes as a “network disruption.” After investigating the incident, the company determined that an unknown party gained access to and obtained data from the StarTek network without authorization.

On December 23, 2021, StarTek, Inc. subsequently determined that the breach exposed the personal information of 24,819 customers and employees. This information included affected parties’ first names, last names, Social Security numbers and dates of birth.

Around January 21, 2022, StarTek, Inc. sent out written data breach notifications to all affected customers and employees, informing them of the breach and what they can do to protect themselves. In this communication, StarTek, Inc. explained that there is no indication that the unauthorized party used or intends to use any of the data obtained. However, the company acknowledged the risks involved and encouraged those impacted by the breach to keep a lookout for signs of identity theft.

Below is a copy of the initial data breach letter issued by StarTek, Inc. (the actual notice sent to consumers can be found here):

Dear [Consumer],

I am writing to inform you of a data security incident that may have affected your personal information. At StarTek, we take the privacy and security of personal information very seriously. We are contacting you to notify you that this incident occurred and inform you about steps you can take to ensure your information is protected, including enrolling in the complimentary identity protection services we are making available to you.

What Happened? On June 26, 2021, StarTek learned of unusual activity occurring on its network. Upon discovering this activity, StarTek immediately took steps to secure its technological environment and began an internal investigation with the help of cybersecurity experts. Our investigation identified that an unauthorized individual gained access to and acquired some documents from StarTek’s environment. At this point, StarTek did not know if these documents contained any personal information. StarTek undertook a thorough review of this subset of files and determined that some of your personal information was found in these documents. We are not aware of the misuse of any personal information that may have been involved in this incident. Out of an abundance of caution, we are offering free credit monitoring services.

What Information Was Involved? The potentially affected information may have included your [________].

What Are We Doing? As soon as we discovered this incident, we took the steps described above. In addition, we are providing you with information about steps you can take to help protect your personal information and, out of an abundance of caution, we are offering you credit monitoring and identity theft restoration services at no cost to you through Experian. With this protection, Experian will help you resolve issues if your identity is compromised.

What Can You Do? We recommend that you review the guidance included with this letter about how to help protect your information. We encourage you to contact Experian with any questions and to enroll in free identity protection services.

If you believe there was fraudulent use of your information as a result of this incident and would like to discuss how you may be able to resolve those issues, please reach out to an Experian agent. If, after discussing your situation with an agent, it is determined that identity restoration support is needed then an Experian Identity Restoration agent is available to work with you to investigate and resolve each incident of fraud that occurred from the date of the incident (including, as appropriate, helping you with contacting credit grantors to dispute charges and close accounts; assisting you in placing a freeze on your credit file with the three major credit bureaus; and assisting you with contacting government agencies to help restore your identity to its proper condition).

Please note that Identity Restoration is available to you for 12 months from the date of this letter and does not require any action on your part at this time. The Terms and Conditions for this offer are located at www.ExperianIDWorks.com/restoration.

While identity restoration assistance is immediately available to you, we also encourage you to activate the fraud detection tools available through Experian IdentityWorks as a complimentary 12-month membership. This product provides you with superior identity detection and resolution of identity theft. To start monitoring your personal information, please follow the steps below:

    • Ensure that you enroll by April 30, 2022 (Your code will not work after this date.)

    • Visit the Experian IdentityWorks website to enroll: https://www.experianidworks.com/credit

    • Provide your activation code:  [________]

If you have questions about the product, need assistance with Identity Restoration that arose as a result of this incident or would like an alternative to enrolling in Experian IdentityWorks online, please contact Experian’s customer care team at (833) 704-9387 by April 30, 2022. Be prepared to provide engagement number ENGAGE# as proof of eligibility for the Identity Restoration services by Experian.

ADDITIONAL DETAILS REGARDING YOUR 12-MONTH EXPERIAN IDENTITYWORKS MEMBERSHIP

A credit card is not required for enrollment in Experian IdentityWorks. You can contact Experian immediately regarding any fraud issues, and have access to the following features once you enroll in Experian IdentityWorks:

    • Experian credit report at signup: See what information is associated with your credit file. Daily credit reports are available for online members only.*

    • Credit Monitoring: Actively monitors Experian file for indicators of fraud.

    • Identity Restoration: Identity Restoration specialists are immediately available to help you address credit and non-credit related fraud.

    • Experian IdentityWorks ExtendCARETM: You receive the same high-level of Identity Restoration support even after your Experian IdentityWorks membership has expired.

    • $1 Million Identity Theft Insurance**: Provides coverage for certain costs and unauthorized electronic fund transfers.

We encourage you to take full advantage of this service offering if you have not done so already. Experian representatives are fully versed on the incident and can answer questions or respond to concerns you may have regarding the protection of your personal information.

For More Information: Further information about how to help protect your personal information appears on the following page. If you have questions or need assistance, please call our dedicated call center (833) 704- 9387 toll-free Monday through Friday from 9:00 am – 11:00pm Eastern, or Saturday and Sunday from 11:00am – 8:00pm Eastern (excluding major U.S. holidays). Be prepared to provide your engagement number [________].

We take your trust in us and this matter very seriously. Please accept our sincere apologies for any worry or inconvenience that this may cause you.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Console and Associates, P.C. | Attorney Advertising

Written by:

Console and Associates, P.C.
Contact
more
less

Console and Associates, P.C. on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.