Recently, FCS Financial, a major agricultural lender based in Missouri, announced that it suffered a data breach in April of this year, exposing the personal information of thousands of employees and consumers. Data breaches like the one reported by FCS Financial pose a serious risk of identity theft and other financial loss to all affected consumers.
If you have received a data breach letter from FCS Financial, you may wonder if you were affected by the breach and what the consequences of the breach might be. Consumer Privacy & Data Breach Lawyers are currently investigating the FCS Financial data breach and can help those affected understand what is at stake and whether they have legal recourse against the company.
The FCS Financial Data Breach
On June 16, 2021, FCS Financial discovered that on April 18, 2021, an unauthorized third party accessed documents containing the personal information of over 85,000 people. According to the data breach notice issued by FCS Financial, affected parties include consumers and employees. A notice was sent to all potentially affected parties on September 17, 2021.
FCS Financial explained that the information consulted included:
Lastnames and firstnames ;
social security numbers;
driving license numbers;
Tax identification numbers and IRS identifiers;
Dates of birth;
Information on health insurance; and
The scope of the information exposed during the breach was significant. Unfortunately, FCS Financial has no way of knowing what information was actually viewed by the unauthorized third party. However, given the nature of the compromised data, the risk of identity theft is certainly very real for anyone who receives the data breach letter from FCS Financial.
The company reports that it has uncovered no evidence that the unauthorized party misused consumer information exposed in the breach; however, as a precaution, FCS Financial is offering a free two-year membership to a credit monitoring service to anyone whose information has been potentially exposed.
Below is a copy of the text of the notice issued by FCS Financial:
Based on your current or prior relationship with FCS Financial (“FCS”), we are writing to inform you of a recent incident which may have involved some of your personal information. We have no reason to believe that your personal information has been misused for the purpose of committing fraud or identity theft. Nevertheless, because your information may have been affected, we are providing this notice with advice on what you can do to protect yourself, if you feel it is appropriate to do so.
FCS recently experienced a data security incident involving some of our IT systems. A subsequent forensic investigation determined that an unknown third party had acquired certain data from our systems, including documents that may contain some of your personal information. Although we are not aware of any instances of fraud or impersonation resulting from the incident, we conducted an internal review to determine the contents of the documents accessible to the unknown third party.
What information was involved?
On June 16, 2021, our investigation determined that the records acquired by the third party contained personal information about a number of individuals who worked with or for our association. Subsequently, further information received during the investigation indicated that additional personal data about individuals may have been included. As a precaution, we provide a broad and detailed list of information that may have been involved. The type of information differs from individual to individual and we cannot say with certainty whether this information has been viewed for a particular person. However, the information concerned may include your name, address and other contact information such as your e-mail address or telephone number; Social Security number; driver’s license number; or financial information such as account information, tax identification number, or IRS-related unique identifier. For a limited number of people, the incident may also relate to their date of birth, health insurance information or medical information.
What do we do ?
Upon learning of the incident, we quickly restored the affected systems and conducted an initial investigation into how the incident occurred and contacted the appropriate authorities. We have also engaged a leading forensic security firm to investigate the incident and confirm the security of our systems. Additionally, we have taken steps to reduce the risk of this type of incident occurring in the future, including implementing additional technical controls. We chose to make a broad notification of the security incident to alert people who could potentially have been involved. Although we have no evidence that your information is being used for fraud or identity theft purposes, we are offering you a free two-year membership to Experian IdentityWorksSM Credit 3B. This product helps detect potential misuse of your personal information and provides you with identity protection services focused on immediately identifying and resolving identity theft. IdentityWorks Credit 3B is completely free for you and signing up for this program will not hurt your credit score. For more information about Identity Theft Prevention and IdentityWorks Credit 3B, including instructions on how to activate your free two-year subscription, please see the additional information provided in this letter.
What can you do?
You can find more information on the steps you can take to protect yourself against identity theft or fraud in the attached Additional Important Information Sheet. We also encourage you to activate the credit monitoring services we provide to you.
Other important information:
FCS is committed to respecting the privacy and confidentiality of our customers and community members. We take our responsibility to protect your personal information seriously and apologize for any inconvenience or concern this incident may cause. For more information and assistance, please call 8:00 a.m. to 5:30 p.m. Central Time, Monday through Friday, excluding select U.S. holidays.
How can I protect myself following the FCS financial data breach?
If you have received a data breach notification from FCS Financial, it does not mean that your information has necessarily been accessed by a third party or that you will be a victim of identity theft. However, it is a possibility. And while state and federal laws offer certain protections to victims of data breaches, there’s no guarantee that you won’t be held liable for any unauthorized activity. Thus, it is important that you take the following steps to protect yourself.
Read the entire notice to determine what information has been exposed;
Sign up for the free creditor watch service offered by FCS Financial;
Change your passwords for all online accounts, using unique passwords for each site;
Notify banks and credit card companies of the breach;
Frequently check your bank accounts for signs of unauthorized activity;
Frequently check your credit report for signs of identity theft; and
Set up a fraud alert with one or more of the three credit bureaus.
Can you sue a company after a data breach?
The laws surrounding liability for data breaches are complex; However, in recent years, several large companies have been sued for mishandling consumer information exposed during a data breach. If your information has been accessed by a hacker or other unauthorized party, it is imperative that you understand your legal rights and remedies, even if you have not yet discovered any unauthorized activity. An experienced consumer privacy attorney can educate you on your rights so you can protect yourself and make an informed decision on what to do next.