Two Maine companies are blaming each other over who is responsible for last fall's cybersecurity breach that led to the theft of personal information ranging from Social Security numbers to the medical data of more than 1 million people.
Berrydan, a prominent Portland accounting firm, announced that one of its vendors, Reliable Networks of Biddeford, has been hacked. Reliable Networks said it was hired to manage, not protect, Mr. Berrydun's medical data and that it discovered the hack of Mr. Berrydun's network.
“Our investigation revealed that the fraudster had limited access to the vendor's network and stole some data,” Berrydan said on its website.
Reliable responded on its website: “Berrydan's network and systems were compromised by a third party through no fault of Reliable Networks.”
The company denounced BerryDan's “baseless claims” and said it was confident its claims would be found to be “without merit” once the forensic analysis is complete.
A BerryDan spokesperson said the company is treating Reliable's accusations with the “utmost seriousness” and is working with outside counsel to respond.
“As is common in security incidents such as this, the complaint is made despite thorough forensic analysis,” the company said. “We always aim to deal with issues in a professional manner, even if they are complex or unfortunate.”
Regardless of who is responsible, both companies believe that any combination of an individual's name, address, date of birth, Social Security number, health insurance policy number, state or government identification number, passport number, and medical information was stolen. I agree with this.
The dispute is likely to be resolved in earnest in the U.S. District Court for the District of Maine, after eight BellyDan customers sued BellyDan this week for negligence, unjust enrichment, and breach of fiduciary duty over the September data theft. .
Berrydan said there is no indication that the stolen information was misused. The Company is providing credit monitoring and privacy protection services from a third-party cybersecurity company free of charge to affected individuals.
“We respect the privacy and security of information within our control, and we sincerely apologize for any concern or inconvenience this may cause,” the company said in a message on its website. ing. BerryDunn has his 800 employees and is headquartered outside on Congress Street.
The plaintiffs, from as far away as West Virginia, are seeking a jury trial and damages, but say online thieves can wait years before using stolen data. Social Security numbers are valuable because they can be used to fraudulently obtain credit cards, driver's licenses, and unemployment benefits.
Martin Walter, senior director at cybersecurity firm RedSeal, described the high value of this type of data in the 2015 edition of IT World magazine: market. “
Some plaintiffs note that the value of stolen medical information is extremely high.
According to a 2010 study by credit rating agency Experian, the average cost of medical information theft is “approximately $20,000” per incident, and most victims of medical information theft end up paying out-of-pocket for missed medical care. I realized that I was being forced to. Restore coverage.
As a result, nearly half of medical identity theft victims lost their health insurance, the plaintiffs pointed out.
Plaintiffs hoping to file a class action lawsuit complained of a seven-month delay between discovery of the theft and notification. If they had known about the hack, they say they would have closely monitored their finances during that time.
The hack occurred in September. BerryDan posted an initial notification of the data breach on its website in November, but waited until the cybersecurity experts it hired revealed what data had been stolen and from whom before notifying customers in April. I sent the book.
“As soon as Belly Dan learned of the suspicious activity, we began an investigation,” Belly Dan wrote in a FAQ guide sent to affected customers. “This process took some time to complete due to the size and complexity of the data that needed to be reviewed.”
To prevent potential identity theft and fraud, Berrydan urged affected individuals to check their bank accounts, financial statements, and credit reports for suspicious activity. Suspected incidents of identity theft should be reported to law enforcement or the Attorney General.
Copy story link
” previous
College graduation ceremonies begin in Maine as protests across the U.S. disrupt ceremonies
Next ”
Related article
Invalid username/password.
Please check your email to confirm and complete your registration.
Please use the form below to reset your password. Once you submit your account email, you will receive an email with a reset code.