Background of the Incident



Similar documents
WHAT INFORMATION WAS INVOLVED?

May 11, Re: Notice of a Data Breach. Dear

How To Prevent Identity Theft

Letter from the CEO. January 25, To Our Valued Michaels Customers:

As a precaution, we have arranged with AllClear ID to provide identity protection services to affected clients at no cost for a period of one year.

How to Get Rid of Identity Theft

<DATE> <FIRST NAME> <LAST NAME> <ADDRESS LINE 1> <ADDRESS LINE 2> <CITY>, <STATE> <ZIP> Dear <FIRTST NAME> <LAST NAME>:

Joint Plumbing Industry Board Plumbers Local Union No.1 Trust Funds

NOTICE OF DATA BREACH. As an integral part of our dōterra family, we understand how important data security is to you.

In the first week of November, E-conolight was made aware by its website hosting company of a malware attack

We are writing to you because of a recent security incident which may have resulted in unauthorized access of your personal information.

UNTOI~ b& ~1\1IL.I1[A?v1S TEL 2I2309~ 1000

The Home Depot 2455 Paces Ferry Road Atlanta, GA 30339

Important Customer Notice. Information Concerning Data Security Incident at Some Staples Stores

Importance: From: Anthem, Inc. Communications Sent: Thursday, February 26, :40 PM Subject: Important message from Anthem, Inc.

July 17, Office of the Attorney General Attn: Security Breach Notification 200 St. Paul Place Baltimore, MD 21202

How To Protect Yourself From Identity Theft

April 30, 2015 VIA . Attorney General Joseph Foster Office of the Attorney General NH Department of Justice 33 Capitol Street Concord, NH 03301

Substitute Notice for Village Pizza

FORMER CMSP AND PATH2HEALTH MEMBERS YOU MAY BE AFFECTED BY ANTHEM DATA BREACH

May 11, Re: Data Security Breach at Honig s Whistle Stop

HOME DEPOT DATA BREACH

Activate ProtectMyID Now in Three Easy Steps. If you have questions or need an alternative to enrolling online, please call

This notice contains important information about the data breaches announced by Home Depot, Kmart and Dairy Queen.

March 2, 2015 Page 2. If you have any questions or need further information regarding this incident, please do not hesitate to contact me.

June 10, 2015 VIA

Northern Trust Attachment A

The Home Depot Provides Update on Breach Investigation

Data Security Breach Notice Letter

PENN STATE UNIVERSITY SENSITIVE DATA EXPOSURE INCIDENT KIT Created and Maintained by the Privacy Office

IDENTITY THEFT VICTIMS: IMMEDIATE STEPS

HIPAA Breach UPDATED 9/21/15

WILSON. June 18, 2014

Tax Fraud and Identity Theft Frequently Asked Questions [Updated February 10, 2015] 4. WHAT CAN I DO TO PROTECT MYSELF FROM TAX FRAUD IN THE FUTURE?

How to Freeze Your Credit Files Tips for Consumers

SECURITY BREACH INCIDENT RESPONSE AND CONSUMER NOTIFICATION PLAN TABLE OF CONTENTS PROGRAM OVERVIEW... DEFINITIONS... REPORTING A SECURITY BREACH...

<March XX, 2015> <FIRST NAME> <LAST NAME> <ADDRESS LINE 1> <ADDRESS LINE 2> <CITY>, <STATE> <ZIP> Dear <FIRST NAME> <LAST NAME>:

Office of Privacy Protection Safeguarding Information for Your Future

Identity Protection Services

This document if provided for educational and informational purposes and is not intended to provide, nor does it constitute legal advice.

Remedying the Effects of Identity Theft

Identity Theft Victim s Packet

Credit Reports. Colorado Bureau of Investigation Identity Theft & Fraud Unit

How To Get A Credit Card From A Credit Union

HSBC ID North Riverwoods Boulevard, Suite 100, Mettawa, IL April 10, OVERNIGHT DELIVERY and

Identity Theft. Protecting Yourself and Your Identity. Course objectives learn about:

Guide to Identity Theft

tiled Kelly Avote Office of the Attorney General 33 Capitol St. Concord, NH Dear Attorney General:

ARE YOU A VICTIM OF AN IDENTITY CRIME?

Frequently Asked Questions [Updated January 20, 2015]

Identity Theft Victim Checklist

SPOKANE Police Department Identity Theft Victim Packet

General Q&A Northland Pioneer Personal Data Security Incident

Identity Theft Repair Kit

Dear Concerned Consumer,

Identity Theft Victim Packet

Get back your good name. Refuse to be a target of identity crime again.

Identity Theft Solutions

T E X A S Y O U N G L A W Y E R S A S S O C I A T I O N A N D S T A T E B A R O F T E X A S I D E N T I T Y T H E F T G U I D E

Employee ID Theft Resource Guide

CITY OF ROCHESTER, MINNESOTA POLICE DEPARTMENT

FTC Facts. For Consumers Federal Trade Commission. Maybe you never opened that account, but. Identity Crisis... What to Do If Your Identity is Stolen

First Steps for Victims of Identity Theft

IDENTITY THEFT INFORMATIONAL PACKET

Reclaiming your identity

Identity Theft Assistance: Information for Recovering Your Good Name

OHIO S IDENTITY THEFT VICTIM ASSISTANCE KIT A guide for victims of identity theft, detailing what to do and who to contact.

Identity Theft Victim Checklist

Instructions for Completing the ID Theft Affidavit

How To Protect Yourself From Identity Theft

Identity Theft Repair Kit

Instructions for Completing the ID Theft Affidavit

INTRODUCTION. Identity Theft Crime Victim Assistance Kit

Safeguard your personal information

Identity Theft Protection

SECURITY BREACH FACT SHEET FOR DEPARTMENT OF ADMINISTRATION CALL CENTER

Resolving Consumer Identity Theft for Foster Youth 2013 Edition

KCSO IDENTITY THEFT KIT

Dear Consumer, What's in this packet: Identity Theft Victim Checklist Identity Theft Victim Worksheet Sample Letters

Instructions for Completing


Instructions for Completing the ID Theft Affidavit

Checking and Clearing Credit History for Young People

REINVESTIGATION REQUEST INSTRUCTIONS

How to Deal With Identity Theft

IDENTITY THEFT VICTIM S PACKET

Fraud and Identity Theft. Megan Stearns, Credit Counselor

Deterring Identity Theft. The Federal Trade Commission estimates that as many as 9 million Americans have their identities stolen each year.

IDENTITY THEFT RESOURCE KIT

Identity Theft Victim Checklist

U.S. Postal Inspection Service. Ensuring Confidence in the U.S. Mail

Identity Theft Victim s Packet

Chapter 6 Appendix A

what you need to know

Identity Theft. Safeguard your personal information. June 2009

Credit report review checklist

Identity Theft Victim s Packet

West Palm Beach Police Department s Identity Theft Victim s Packet

Identity Theft: Protect Yourself, Secure Your Future

Transcription:

BLAINE C. KIMREY SHAREHOLDER +1 (312) 609 7865 bkimrey@vedderprice.com 222 NORTH LASALLE STREET CHICAGO, ILLINOIS 60601 T: +1 (312) 609 7500 F: +1 (312) 609 5005 CHICAGO NEW YORK WASHINGTON, DC LONDON SAN FRANCISCO LOS ANGELES April 29, 2016 VIA EMAIL (ATTORNEYGENERAL@DOJ.NH.GOV) AND FEDERAL EXPRESS The Honorable Joseph Foster Attorney General of the State of New Hampshire Office of the Attorney General 22 Capitol Street Concord, NH 03301 Re: Notification of a Cyber Security Incident Potentially Affecting New Hampshire Residents Pursuant to N.H. Rev. Stat. 359-C:20 Dear Attorney General Foster: We represent Alpha Payroll Services, LLC ( Alpha Payroll ) in connection with a recent incident that may have impacted the security of certain personal information of one (1) New Hampshire resident. Pursuant to N.H. Rev. Stat. 359-C:20, Alpha Payroll is reporting the inadvertent release of 2015 W-2 forms. The investigation of this incident is ongoing, and this notice will be supplemented, if necessary, with any new significant facts discovered after its submission. By providing this notice, Alpha Payroll does not waive any potential rights or defenses regarding applicability of New Hampshire law or personal jurisdiction in connection with this incident. Background of the Incident Alpha Payroll is a payroll and merchant services provider headquartered in Trevose, Pennsylvania, with offices in California and New Jersey as well. Alpha Payroll provides a variety of payment processing services to companies of varying sizes across the United States, including New Hampshire. On or about March 1 or 2, an Alpha Payroll employee responded to a phishing scam email in which the sender represented himself or herself to be the CEO of Alpha Payroll and

The Honorable Joseph Foster April 29, 2016 Page 2 disguised his or her email address as that of the CEO. In this email, the fraudster requested copies of all the 2015 W-2 forms produced by Alpha Payroll on behalf of its customers. As a result of hidden commands embedded within the email by the sender, upon responding to the email, the reply message was rerouted and sent to the email account of the third-party sender. Upon notice from a customer of the filing of fraudulent tax returns under employee Social Security numbers on or about April 8, 2016, Alpha Payroll immediately launched an investigation to determine whether a security incident had occurred. Although no definitive proof exists at this time connecting the fraudulent returns to the phishing email response of the Alpha Payroll employee, the investigation that began on April 8, 2016 uncovered the inadvertent release. Alpha Payroll leadership promptly terminated the employee, hired experts to assist in the investigation and response, and has been in contact with law enforcement, including the Criminal Investigation Division of the IRS and the FBI, regarding the incident. Based upon the email transmissions, Alpha Payroll believes that the New Hampshire employee s name, address, phone number, and Social Security number were affected, along with other information contained within the W-2 form. Notice to the New Hampshire Resident On or about May 3, 2016, Alpha Payroll is notifying the one (1) affected New Hampshire resident of the incident. Enclosed is a sample of the notification letter that will be sent to the New Hampshire resident via United States first-class mail. In addition, Alpha Payroll has established a call center (1.855.904.5754) that affected customers can contact Monday through Saturday from 8:00 a.m. to 8:00 p.m. CST to ask questions and to receive further information regarding the incident. Alpha Payroll has arranged to offer one (1) year of complimentary credit monitoring and identity theft protection services through AllClear ID to the affected New Hampshire resident. Other Steps Undertaken and to Be Undertaken by Alpha Payroll In addition to conducting an internal investigation and working with law enforcement, Alpha Payroll terminated the employee who responded to the phishing attack and redoubled its efforts to educate employees on phishing schemes and the importance of confirming the legitimacy of emails to lessen the likelihood of future incidents. Contact Please contact me if you have any questions or if I can provide you with any further information concerning this matter. Thank you.

The Honorable Joseph Foster April 29, 2016 Page 3 Sincerely, Blaine C. Kimrey cc: Jon Moffett, Director of Human Resources, Alpha Payroll Services, LLC

Processing Center P.O. BOX 141578 Austin, TX 78714 00001 ACD1234 00001 JOHN Q. SAMPLE 1234 MAIN STREET ANYTOWN US 12345-6789 May 3, 2016 Dear John Sample, NOTICE OF DATA BREACH Alpha Payroll Services, LLC ( Alpha Payroll ) is committed to providing businesses with comprehensive solutions and merchant services, and we re committed to the privacy and security of our clients and their employees. As part of this commitment, we re contacting you, as an employee of an Alpha Payroll payroll processing client, regarding a potential breach of your information. What Happened Upon notice on or about April 8, 2016, from an Alpha Payroll customer of the filing of fraudulent tax returns under employee Social Security numbers, Alpha Payroll immediately launched an investigation to determine whether a security incident had occurred. Our investigation uncovered an email phishing scam that led an Alpha Payroll employee to inadvertently release to a third party certain 2015 IRS Form W-2, Wage and Tax Statements of Alpha Payroll client employees. Although we have no definitive proof of tax fraud linked to this incident, we re providing you this notice out of an abundance of caution. What Was Involved We have confirmed that information potentially at risk included various pieces of information maintained by Alpha Payroll on behalf of your employer, including your name, address, phone number, and Social Security number. 01-02-1-00

We promptly notified law enforcement of the incident, including the Criminal Investigation Division of the Internal Revenue Service and the Federal Bureau of Investigation, and we continue to work closely with the IRS. What We Are Doing In addition to conducting an internal investigation and working with law enforcement, we terminated the employee who responded to the phishing attack and are redoubling our efforts to educate employees on phishing schemes and the importance of confirming the legitimacy of emails to lessen the likelihood of future incidents. We re also contacting Equifax, Experian and TransUnion, the national credit report companies, regarding the incident. Furthermore, as explained in more detail below, we have hired AllClear ID to provide, at no cost to you, fraud detection and prevention services. Although there is no definitive proof of fraud as result of this inadvertent release, out of an abundance of caution, we re notifying you that your information may be at risk. As an added precaution, we have arranged to have AllClear ID help protect your identity for 12 months at no cost to you. The following identity protection services start on the date of this notice and you can use them at any time during the next 12 months. What You Can Do AllClear SECURE: The team at AllClear ID is ready and standing by if you need identity repair assistance. This service is automatically available to you with no enrollment required. If a problem arises, simply call 1-855-904-5754 and a dedicated investigator will help recover financial losses, restore your credit and make sure your identity is returned to its proper condition. AllClear PRO: Also with no cost to you, this service offers additional layers of protection including credit monitoring and a $1 million identity theft insurance policy. For a child under 18 years old, AllClear ID ChildScan identifies acts of credit, criminal, medical or employment fraud against children by searching thousands of public databases for use of your child s information. To use the PRO service, you will need to provide your personal information to AllClear ID. You may sign up online at enroll.allclearid.com or by phone by calling 1-855-904-5754 using the following redemption code: Redemption Code. Please note: Additional steps may be required by you in order to activate your phone alerts and monitoring options.

As a precautionary measure, we recommend that you remain vigilant to protect against potential fraud and/or identity theft by, among other things, reviewing your credit card account statements and credit reports closely. If you detect any suspicious activity on an account, you should promptly notify the financial institution or company with which the account is maintained. You should also promptly report any fraudulent activity or any suspected incidents of identity theft to proper law enforcement authorities, including the police and your state s attorney general, as well as the Federal Trade Commission ( FTC ). You may wish to review the tips provided by the FTC on fraud alerts, security/credit freezes and steps to you can take to avoid identity theft. For more information and to contact the FTC, please visit www.ftc.gov/idtheft or call 1-877-ID-THEFT (1-877-438-4338). You may also contact the FTC at: Federal Trade Commission, 600 Pennsylvania Avenue, NW, Washington, DC 20580. Credit Reports: You may obtain a free copy of your credit report once every 12 months from each of the three national credit reporting agencies by visiting http://www.annualcreditreport.com, by calling toll free 1-877-322-8228, or by completing an Annual Credit Report Request Form and mailing it to Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348. You can print a copy of the request form at https://www.annualcreditreport.com/cra/requestformfinal.pdf. Other Important Alternatively, you may elect to purchase a copy of your credit report by contacting one of the three national credit reporting agencies. Contact information for the three national credit reporting agencies for the purpose of requesting a copy of your credit report or for general inquiries, including obtaining information about fraud alerts and placing a security freeze on your credit files, is as follows: Equifax 1-800-685-1111 www.equifax.com P.O. Box 740241, Atlanta, Georgia 30374-0241 Experian 1-888-397-3742 www.experian.com P.O. Box 9532, Allen, TX 75013 TransUnion 1-800-888-4213 www.transunion.com P.O. Box 1000, Chester, PA 19022 Fraud Alerts: You may want to consider placing a fraud alert on your credit report. An initial fraud alert is free and will stay on your credit file for at least 90 days. The alert informs creditors of possible fraudulent activity within your report and requests that creditors contact you prior to establishing any new accounts in your name. To place a fraud alert on your credit report, contact any of the three national credit reporting agencies using the contact information listed above. Additional information is available at http://www.annualcreditreport.com. Credit and Security Freezes: You may have the right to put a credit freeze, also known as a security freeze, on your credit file, so that no new credit can be opened in your name without the use of a PIN number that is issued to you when you initiate a freeze. A credit freeze is designed to prevent potential credit grantors from accessing your credit report without your consent. If you place a credit freeze on your credit file, potential creditors and other third parties will not be able to get access to your credit report unless you temporarily lift the freeze. Therefore, using a credit freeze may delay your ability to obtain credit. In 02-02-1

addition, you may incur fees to place, lift and/or remove a credit freeze. Credit freeze laws vary from state to state. The cost of placing, temporarily lifting and removing a credit freeze also varies by state, generally $5 to $20 per action at each credit reporting company. Unlike a fraud alert, you must separately place a credit freeze on your credit file at each credit reporting company. Since the instructions for how to establish a credit freeze differ from state to state, please contact the three major credit reporting companies as specified above to find out more information, or by contacting the FTC at 600 Pennsylvania Ave. N.W., Washington, D.C. 20580, 1-877-ID-THEFT, consumer.ftc.gov. This notice has not been postponed as a result of a law enforcement investigation. Maryland Residents: Residents of Maryland may also obtain information about avoiding identity theft from the Maryland Office of the Attorney General at: 200 St. Paul Place Baltimore, MD 21202 1-888-743-0023 www.oag.state.md.us North Carolina Residents: North Carolina residents can obtain information about preventing identity theft from the North Carolina Attorney General s Office at: North Carolina Attorney General s Office 9001 Mail Service Center Raleigh, NC 27699-9001 (877) 566-7226 www.ncdoj.com For More If you have any questions or need further assistance, please call Kevin Costello at 866-253- 2227. Sincerely, Lazaros Kalemis Chief Executive Officer Alpha Payroll Services, LLC

Processing Center P.O. BOX 141578 Austin, TX 78714 00002 ACD1234 02562 TO THE PARENT OR GUARDIAN OF JOHN Q. SAMPLE 1234 MAIN STREET ANYTOWN US 12345-6789 May 3, 2016 Dear Parent or Guardian of John Sample, NOTICE OF DATA BREACH Alpha Payroll Services, LLC ( Alpha Payroll ) is committed to providing businesses with comprehensive solutions and merchant services, and we re committed to the privacy and security of our clients and their employees. As part of this commitment, we re contacting you, as an employee of an Alpha Payroll payroll processing client, regarding a potential breach of your information. What Happened Upon notice on or about April 8, 2016, from an Alpha Payroll customer of the filing of fraudulent tax returns under employee Social Security numbers, Alpha Payroll immediately launched an investigation to determine whether a security incident had occurred. Our investigation uncovered an email phishing scam that led an Alpha Payroll employee to inadvertently release to a third party certain 2015 IRS Form W-2, Wage and Tax Statements of Alpha Payroll client employees. Although we have no definitive proof of tax fraud linked to this incident, we re providing you this notice out of an abundance of caution. What Was Involved We have confirmed that information potentially at risk included various pieces of information maintained by Alpha Payroll on behalf of your employer, including your name, address, phone number, and Social Security number. 01-02-2-00

We promptly notified law enforcement of the incident, including the Criminal Investigation Division of the Internal Revenue Service and the Federal Bureau of Investigation, and we continue to work closely with the IRS. What We Are Doing In addition to conducting an internal investigation and working with law enforcement, we terminated the employee who responded to the phishing attack and are redoubling our efforts to educate employees on phishing schemes and the importance of confirming the legitimacy of emails to lessen the likelihood of future incidents. We re also contacting Equifax, Experian and TransUnion, the national credit report companies, regarding the incident. Furthermore, as explained in more detail below, we have hired AllClear ID to provide, at no cost to you, fraud detection and prevention services. Although there is no definitive proof of fraud as result of this inadvertent release, out of an abundance of caution, we re notifying you that your information may be at risk. As an added precaution, we have arranged to have AllClear ID help protect your identity for 12 months at no cost to you. The following identity protection services start on the date of this notice and you can use them at any time during the next 12 months. What You Can Do AllClear SECURE: The team at AllClear ID is ready and standing by if you need identity repair assistance. This service is automatically available to you with no enrollment required. If a problem arises, simply call 1-855-904-5754 and a dedicated investigator will help recover financial losses, restore your credit and make sure your identity is returned to its proper condition. AllClear PRO: Also with no cost to you, this service offers additional layers of protection including credit monitoring and a $1 million identity theft insurance policy. For a child under 18 years old, AllClear ID ChildScan identifies acts of credit, criminal, medical or employment fraud against children by searching thousands of public databases for use of your child s information. To use the PRO service, you will need to provide your personal information to AllClear ID. You may sign up online at enroll.allclearid.com or by phone by calling 1-855-904-5754 using the following redemption code: Redemption Code. Please note: Additional steps may be required by you in order to activate your phone alerts and monitoring options.

As a precautionary measure, we recommend that you remain vigilant to protect against potential fraud and/or identity theft by, among other things, reviewing your credit card account statements and credit reports closely. If you detect any suspicious activity on an account, you should promptly notify the financial institution or company with which the account is maintained. You should also promptly report any fraudulent activity or any suspected incidents of identity theft to proper law enforcement authorities, including the police and your state s attorney general, as well as the Federal Trade Commission ( FTC ). You may wish to review the tips provided by the FTC on fraud alerts, security/credit freezes and steps to you can take to avoid identity theft. For more information and to contact the FTC, please visit www.ftc.gov/idtheft or call 1-877-ID-THEFT (1-877-438-4338). You may also contact the FTC at: Federal Trade Commission, 600 Pennsylvania Avenue, NW, Washington, DC 20580. Credit Reports: You may obtain a free copy of your credit report once every 12 months from each of the three national credit reporting agencies by visiting http://www.annualcreditreport.com, by calling toll free 1-877-322-8228, or by completing an Annual Credit Report Request Form and mailing it to Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA 30348. You can print a copy of the request form at https://www.annualcreditreport.com/cra/requestformfinal.pdf. Other Important Alternatively, you may elect to purchase a copy of your credit report by contacting one of the three national credit reporting agencies. Contact information for the three national credit reporting agencies for the purpose of requesting a copy of your credit report or for general inquiries, including obtaining information about fraud alerts and placing a security freeze on your credit files, is as follows: Equifax 1-800-685-1111 www.equifax.com P.O. Box 740241, Atlanta, Georgia 30374-0241 Experian 1-888-397-3742 www.experian.com P.O. Box 9532, Allen, TX 75013 TransUnion 1-800-888-4213 www.transunion.com P.O. Box 1000, Chester, PA 19022 Fraud Alerts: You may want to consider placing a fraud alert on your credit report. An initial fraud alert is free and will stay on your credit file for at least 90 days. The alert informs creditors of possible fraudulent activity within your report and requests that creditors contact you prior to establishing any new accounts in your name. To place a fraud alert on your credit report, contact any of the three national credit reporting agencies using the contact information listed above. Additional information is available at http://www.annualcreditreport.com. Credit and Security Freezes: You may have the right to put a credit freeze, also known as a security freeze, on your credit file, so that no new credit can be opened in your name without the use of a PIN number that is issued to you when you initiate a freeze. A credit freeze is designed to prevent potential credit grantors from accessing your credit report without your consent. If you place a credit freeze on your credit file, potential creditors and other third parties will not be able to get access to your credit report unless you temporarily lift the freeze. Therefore, using a credit freeze may delay your ability to obtain credit. In 02-02-2

addition, you may incur fees to place, lift and/or remove a credit freeze. Credit freeze laws vary from state to state. The cost of placing, temporarily lifting and removing a credit freeze also varies by state, generally $5 to $20 per action at each credit reporting company. Unlike a fraud alert, you must separately place a credit freeze on your credit file at each credit reporting company. Since the instructions for how to establish a credit freeze differ from state to state, please contact the three major credit reporting companies as specified above to find out more information, or by contacting the FTC at 600 Pennsylvania Ave. N.W., Washington, D.C. 20580, 1-877-ID-THEFT, consumer.ftc.gov. This notice has not been postponed as a result of a law enforcement investigation. Maryland Residents: Residents of Maryland may also obtain information about avoiding identity theft from the Maryland Office of the Attorney General at: 200 St. Paul Place Baltimore, MD 21202 1-888-743-0023 www.oag.state.md.us North Carolina Residents: North Carolina residents can obtain information about preventing identity theft from the North Carolina Attorney General s Office at: North Carolina Attorney General s Office 9001 Mail Service Center Raleigh, NC 27699-9001 (877) 566-7226 www.ncdoj.com For More If you have any questions or need further assistance, please call Kevin Costello at 866-253- 2227. Sincerely, Lazaros Kalemis Chief Executive Officer Alpha Payroll Services, LLC

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information