On October 31, 2022, Ethos Group filed documents with the Vermont Attorney General announcing that the company recently experienced a data breach impacting the security of consumer information stored on its computer systems. While the company has not yet disclosed the exact data types leaked in the recent breach, based on the relevant data breach reporting requirements, it is likely that the incident affected consumers’ names and one or more of the following: Social Security numbers, financial account information, protected health information or government identification numbers. Recently, Ethos sent out data breach letters to all affected parties, informing them of the incident and what they can do to protect themselves from identity theft and other frauds.

More Information About the Ethos Group, Inc. Data Breach

The available information regarding the Ethos Group breach comes from the company’s filing with the Vermont Attorney General. According to this source, on August 1, 2022, Ethos determined that an unauthorized party had gained access to the company’s computer system and accessed files containing sensitive consumer information. In response, Ethos Group launched an investigation into the incident with the assistance of outside cybersecurity professionals.

This company’s investigation confirmed that an unauthorized party gained access to the Ethos Group computer network on July 30, 2022, which lasted until the following day.

Upon discovering that sensitive consumer data was made available to an unauthorized party, Ethos Group began to review the affected files to determine what information was compromised and which consumers were impacted. The company completed this review on around October 24, 2022. However, nowhere in any of the company’s official filings does it state what type of information was leaked. That said, Vermont law only requires companies to report a data breach if one or more of the following are compromised:

  • Social Security number;

  • Driver’s license number or non-driver identification card number;

  • Financial account information;

  • Passwords or personal identification numbers or other access codes for a financial account;

  • Taxpayer identification number;

  • Passport number;

  • Military identification card number;

  • Other government identification numbers;

  • Biometric data;

  • Genetic information;

  • Health records and records from other wellness programs, health promotion, or disease prevention programs;

  • Medical diagnosis or treatment information; or

  • Health insurance policy numbers.

On October 31, 2022, Ethos Group sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.

Founded in 1996, Ethos Group is a business services company based in Irving, Texas. The company operates in the automotive industry, providing car dealerships with a range of support services, including consulting, recruiting, training, compliance, insurance solutions and more. Ethos Group employs more than 388 people and generates approximately $300 million in annual revenue.

If you received a data breach notification, it is essential you understand what is at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the Ethos Group data breach, please see our recent piece on the topic here.

ودجت أحدث المقالات للصفحة الرئيسية تظهر على الصفحة الرئيسية فقط


Leave a Reply

Your email address will not be published. Required fields are marked *