Recently, the business services provider Morley Companies, Inc. released additional information about a recent “data security incident” the company experienced in mid-2021. According to an official company filing, on August 1, 2021, Morley Companies discovered unusual activity that was affecting company computers. After conducting a follow-up investigation into the incident, the company learned that an unauthorized party possibly gained access to the names, dates of birth, Social Security numbers, driver’s license numbers and health information of more than 13,500 individuals nationwide.
Data breaches such as the Morley Companies breach can come about in various ways. Often, they are the result of a hacker breaching a company’s computer systems with the intention of obtaining sensitive consumer information. While no one knows why Morley Companies was the target of this recent cyberattack, cybercriminals frequently target companies that have vulnerabilities in their data-security systems and technology.
Once a hacker gains access to a computer network, it is possible for them to obtain and remove sensitive consumer information located on the company’s servers. While a company may be able to determine certain files were accessible, they often have no way to know which parties’ information was actually viewed or whether the hacker retained any of this data. Regardless, those whose information was compromised through a data breach or other hacking event are at an increased risk of identity theft. Given this reality, it is imperative for anyone who received a data breach letter from Morley Companies, Inc. to remain vigilant regarding their online accounts, credit card, bank accounts, and credit report.
While the fact that your information was compromised doesn’t necessarily mean the unauthorized party will use it for criminal purposes, it is certainly a possibility. This is especially the case in recent years, as the COVID-19 pandemic gave criminals ample opportunity to take advantage of neglected data security systems as companies were dealing with what they considered much bigger issues.
Businesses like Morley Companies, Inc. have a duty to protect consumer data. If evidence emerges that Morley Companies mishandled your sensitive information leading up to the breach, you may be eligible for financial compensation through a data breach lawsuit.
When you provided Morley Companies with your personal information, you trusted the company to keep your information secure. Certainly, anyone in your position would assume that the company would take the necessary steps to prevent hackers or other criminal actors from accessing sensitive employee data. However, news of this data breach raises some very real questions about the adequacy of the company’s data security measures.
All companies have an ethical and legal obligation to ensure sensitive consumer information remains private. And while developing and maintaining a data security system may seem like an unnecessary expense, that is not the case when a company operates in an environment where the threat of cyberattacks is ever-present.
The data breach laws of the United States allow consumers to sue companies for the misuse or negligent handling of their private information. However, these laws are complex, and news of this Morley Companies data breach is very recent. Not surprisingly, at the current moment, there is not yet any evidence suggesting that Morley Companies bears responsibility for the cyberattack. However, that may change, as our data breach lawyers are looking into the breach to determine what legal remedies consumers may have against the company.
If you have questions about your ability to bring a data breach class action lawsuit against Morley Companies, Inc., you should contact a data breach attorney as soon as possible.
If Morley Companies sent you a data breach letter, it means that you were among those whose personal data was possibly accessed by an unauthorized party. As a result, a total stranger—very likely a criminal—might have accessed, viewed, and stolen your information. While no one can know why a hacker would want your information or what they might do with it, it is essential you remain vigilant to protect yourself from the heightened risk of identity theft by taking the following steps:
Originally founded as a hardware store in Saginaw, Michigan, in the 1860s, Morley Companies is not a global provider of business services. The company’s services include business process outsourcing, meetings & incentives, and exhibits and displays. Currently, Morley Companies, Inc. has more than 2,500 employees and remains headquartered in Saginaw, Michigan. According to the company’s website, it collects the following information from consumers:
The company also provides a detailed list of how it uses the consumer information it gathers.
According to the most recent data breach letter issued by Morley Companies, Inc., on August 1, 2021, Morley Companies discovered unusual activity that was affecting company computers. In response, Morley Companies initiated an investigation into the event with the assistance of cybersecurity experts. This investigation revealed that an unknown actor may have gained access to and obtained data from the Morley network without authorization. The company then continued its investigation to determine what consumer information could have been accessed by the unauthorized party. Ultimately, on December 22, 2021, the company determined that the following information pertaining to 13,630 individuals was compromised:
On January 26, 2021, Morley Companies, Inc. began sending out data breach notification letters to all affected parties. These notices describe what occurred and provide those affected by the breach with information on what they can do to protect themselves. Morley Companies emphasizes that it is unaware of any instance in which the compromised data was used by the unauthorized party; however, the company encouraged those whose information was compromised to keep a lookout for signs of identity theft and fraud by closely monitoring their online accounts and credit reports.
Below is a copy of the initial data breach letter issued by Morley Companies, Inc. (a sample of the actual notice sent to consumers can be found here):
Dear [Consumer],
We are writing to inform you of an incident that may have involved your personal information and to advise you of certain steps you can take to help protect your personal information, including the activation of credit and identity monitoring services we are offering at no cost to you.
What Happened? On December 22, 2021, we learned that your information may have been involved in a data security incident. The incident began on August 1, 2021, when our data became unavailable. We immediately engaged cybersecurity experts to determine if anyone’s information had been affected and to help restore data access. While at this time we still have no evidence that any information was misused, out of an abundance of caution we are providing complimentary credit and identity monitoring to those whose information may have been in the affected systems. <>
What Information Was Involved? The files that may have been accessed by the unauthorized individual may have contained Name, Date of Birth, Social Security number, Driver’s License number, and Health Information.
What Are We Doing? As soon as we discovered the incident, we took the steps described above. In addition, we worked with our experts to try to prevent such an incident from ever happening again. We have also secured the services of IDX to provide credit and identity monitoring at no cost for <> months. IDX is a global leader in risk mitigation and response, and its team has extensive experience helping people who have sustained an unintentional exposure of confidential data. The IDX services include: credit monitoring; identity monitoring; $1 million in identity theft expense reimbursement insurance; fraud prevention and resolution support.
To receive credit services, you must be over the age of 18, have established credit in the U.S., have a Social Security number in your name, and have a U.S. residential address associated with your credit file. Additional information describing your complimentary IDX services is included with this letter.
Please note you must enroll by April 26, 2022. If you have questions or need assistance, please call IDX at 1-833-676-2226.
What You Can Do: Please review the enclosed “Steps You Can Take to Further Protect Your Information” page. It describes additional steps you can take to help safeguard your information, including recommendations by the Federal Trade Commission regarding identity theft protection and details on how to place a fraud alert or a security freeze on your credit file. We also encourage you to activate the complimentary identity monitoring services we are making available through IDX.
For More Information: If you have questions or need assistance, please call 1-833-676-2226, Monday through Friday from 9 a.m. to 9 p.m. ET. Please have your Enrollment Code ready.
Protecting your information is important to us. Please know that we take this incident very seriously and deeply regret any worry or inconvenience that this may cause you.
See more »
DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.
© Console and Associates, P.C. | Attorney Advertising
Refine your interests »
This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.
Back to Top
Explore 2021 Readers’ Choice Awards
Copyright © JD Supra, LLC
