Law Enforcement Health Benefits | Mason LLP – JDSupra – JD Supra
Apr. 4, 2022 – On September 14, 2021 Law Enforcement Health Benefits (“LEHB”) detected that a ransomware infection began encrypting files stored on their network. The incident compromised the personal information of 85,282 of its members. LEHB’s investigation into the security breach revealed that the files impacted contained individual names, dates of birth, Social Security numbers, driver’s license numbers, financial account numbers, health insurance information, and medical information (medical record number, patient account number, and diagnosis/treatment information). On February 25, 2022, LEHB sent a letter to all persons whose data was compromised by the breach.
What is LEHB Doing in Response to the Breach?
LEHB has not made any changes to its network or security. They have set up a dedicated call center, and are offering complimentary credit monitoring services to those individuals whose Social Security numbers were contained in the files that were removed.
Should You Be Concerned?
If you received a data breach notice letter from Law Enforcement Health Benefits, your personal data may have been seen by unauthorized cyber-criminals. Worse, the cyber-criminals may have removed your data from the company’s network so they can sell it on the Dark Web, leaving you vulnerable to credit card fraud, identify theft and a variety of scams.
Cybercriminals can pair the data with other available information to commit a broad range of fraud in a Class Member’s name, such as: obtaining employment; obtaining a loan; applying for credit cards or spending money; filing false tax returns; stealing Social Security and other government benefits; and applying for a driver’s license, birth certificate, or other public document.
Armed with personal information, cybercriminals can easily obtain tax returns or open fraudulent credit card accounts. Social Security numbers can be used to create a false identification for someone who commits a crime, impairing the victim’s ability to gain employment or obtain a loan. It goes without saying that cybercrimes can have a significant negative financial impact on it victims, as well as cause severe emotional distress.
Victims of the breach can take a variety of measures to protect themselves as discussed below.
What You Should Do
If you received a data breach notice letter from LEHB, you should take certain steps to safeguard your identify. We recommend the following:
Enroll in the free credit monitoring service provided by LEHB.
Get your free credit report from annualcreditreport.com, and check for any accounts or charges you don’t recognize.
Check the monitoring application regularly to see if your data has been compromised or if your data is being used for fraudulent purposes;
Consider placing a free credit freeze. A credit freeze makes it harder for someone to open an account in your name.
Try to file your taxes early, before a scammer can. Tax identity theft happens when someone uses your Social Security number to get a tax refund or a job. Respond right away to letters from the IRS.
Don’t believe anyone who calls and says you’ll be arrested unless you pay for taxes or debt — even if they have part or all of your Social Security number, or they say they’re from the IRS.
Change your online passwords and security questions;
Regularly review your credit card and bank account statements for signs of suspicious activity;
Monitor your credit report for any unexpected changes that may be a sign of identity theft;
Contact one of the major credit bureaus to request they add a fraud alert to your profile; and
Immediately notify your banks and credit card companies if you identify any suspicious activity
What Else Should You Do?
Data breach victims may be able to seek compensation through a class action. Class actions are frequently filed against companies that are breached. While these cases sometimes go to trial, most data breach class actions settle and provide a variety of benefits to class members. These benefits may include additional years of credit and identity monitoring, compensation for time spent responding to the breach, reimbursement for any losses from fraud related to the breach or nominal damages. If you want to learn more about data breach class actions and how you can participate in one against Law Enforcement Health Benefits, you should contact a data breach attorney as soon as possible.