Sound Generations Notifies its Clients and Other Affected Individuals of Data Security Incidents
SEATTLE, Nov. 29, 2021
SEATTLE, Nov. 29, 2021 /PRNewswire/ -- Out of an abundance of caution, Sound Generations informs its clients and Other Affected Individuals of two data security incidents that may have resulted in an unauthorized access of personal information. Sound Generations sincerely apologizes for these incidents and any inconvenience it may cause to its clients and Other Affected Individuals. While Sound Generations is unaware of any fraudulent misuse of the personal information at this time, Sound Generations is providing details about the events, steps that Sound Generations is taking in response, and resources available to help its clients and Other Affected Individuals to protect against the potential misuse of their information.
Notification letters are being mailed to affected individuals. This notice is intended for those individuals who may not receive the notification letter because of incorrect or incomplete mailing addresses.
Our Organization: Sound Generations is a comprehensive 501c3 non-profit organization that serves older adults and adults with disabilities in King County, Washington. Our organization is Washington State's largest provider of comprehensive services for aging adults in King County. We strive to expand the provision of food security, transportation, health & wellness, and assistance services to underserved and marginalized populations. Our programs and affiliated service sites provide accessible resources and services across King County.
What Happened: Sound Generations discovered that an unauthorized party gained access to its computer systems and encrypted information stored on our systems on July 18, 2021 and September 18, 2021. Sound Generations terminated the unauthorized access, and promptly commenced an investigation to determine the scope of the incidents. The investigation was unable to rule out that information stored on Sound Generations' systems may have been accessed by an unauthorized party. After the conclusion of the third party's forensics investigations, Sound Generations conducted its own investigation and due diligence to identify the affected individuals and the nature of their personal information that may have been compromised. Sound Generations has determined that some of its client information has been potentially impacted following the incidents. This investigation was necessary to provide accurate information and notice to the potentially impacted individuals. To date, Sound Generations has no reason to believe that there was a misuse of the information pertaining to the potentially impacted individuals.
What Information Was Involved: The personal information Sound Generations receives is typically limited to demographic and health information, including name, address, phone number, email, date of birth, and whether or not its clients have health insurance. For those individuals who participated in the EnhanceFitness program, their data may also include their health insurance number. Health history and health condition may also be included for those individuals who provided this information to Sound Generations. Please note that Sound Generations does not collect or store any of its client's Social Security Numbers, drivers' license numbers, financial account information, credit or debit card information.
Please note, however, that since becoming aware of these incidents, Sound Generations has received no indication that its client information has been used by the unauthorized actor or by any unauthorized party to commit fraud. Sound Generations is providing notice of the incidents to its clients and Other Affected Individuals out of an abundance of caution.
What We Are Doing: Sound Generations values the privacy of its client information and will continue to do everything it can to protect it. Since the incident, Sound Generations has greatly enhanced its cybersecurity controls, including changing passwords and installing additional security on its systems.
What You Can Do:
- You should always remain vigilant for incidents of fraud and identity theft by reviewing credit card account statements and by monitoring your credit report for suspicious or unusual activity.
- Please notify your financial institution immediately if you detect any suspicious activity on any of your accounts, including unauthorized transactions or new accounts opened in your name that you do not recognize. You should also promptly report any fraudulent activity or any suspected incidents of identity theft to proper law enforcement authorities.
- You can request a copy of your credit report, free of charge, directly from each of the three nationwide credit reporting agencies. To do so, free of charge once every 12 months, please visit www.annualcreditreport.com or call toll free at 1-877-322-8228. Contact information for the three nationwide credit reporting agencies is listed below.
- You have the right to file or obtain a police report if you experience identity fraud. Please note that in order to file a crime report or incident report with law enforcement for identity theft, you will likely need to provide proof that you have been a victim. A police report is often required to dispute fraudulent items. You can generally report suspected incidents of identity theft to local law enforcement or to the Attorney General.
- You can take steps recommended by the Federal Trade Commission to protect yourself from identity theft. The FTC's website offers helpful information at www.ftc.gov/idtheft.
You may obtain a copy of your credit report, free of charge, whether or not you suspect any unauthorized activity on your account. You may obtain a free copy of your credit report from each of the three nationwide credit reporting agencies. To order your free credit report, please visit www.annualcreditreport.com, or call toll-free at 1-877-322-8228. You can also order your annual free credit report by mailing a completed Annual Credit Report Request Form (available at https://www.consumer.ftc.gov/articles/0155-free-credit-reports) to: Annual Credit Report Request Service, P.O. Box 105281, Atlanta, GA, 30348-5281.
You can also place fraud alerts with the three credit bureaus by phone or online. A fraud alert tells creditors to follow certain procedures, including contacting you, before they open any new accounts or change your existing accounts. For that reason, placing a fraud alert can protect you, but also may delay you when you seek to obtain credit. As of September 21, 2018, initial fraud alerts last for one year. Victims of identity theft can also get an extended fraud alert for seven years.
P.O. Box 9554
P.O. Box 2000
P.O. Box 105069
You have the right to place a security freeze on your credit report. A security freeze is intended to prevent credit, loans, and services from being approved in your name without your consent. To place a security freeze on your credit report, you need to make a request to each consumer reporting agency. You may make that request by certified mail, overnight mail, regular stamped mail, or by following the instructions found at the websites listed below. The following information must be included when requesting a security freeze (note that if you are requesting a credit report for your spouse or a minor under the age of 16, this information must be provided for him/her as well): (1) full name, with middle initial and any suffixes; (2) Social Security number; (3) date of birth; (4) current address and any previous addresses for the past five years; and (5) any applicable incident report or complaint with a law enforcement agency or the Registry of Motor Vehicles. The request must also include a copy of a government-issued identification card and a copy of a recent utility bill or bank or insurance statement. It is essential that each copy be legible, display your name and current mailing address, and the date of issue. As of September 21, 2018, it is free to place, lift, or remove a security freeze. You may also place a security freeze for children under the age of 16. You may obtain a free security freeze by contacting any one or more of the following national consumer reporting agencies:
P.O. Box 9554
P.O. Box 160
P.O. Box 105788
Furthermore, to help protect your deceased family member, there are steps you can take to request a copy of your deceased family member's credit report. An executor or surviving spouse can place a request to any of the three credit reporting agencies for a copy of the deceased individual's credit report. An executor or surviving spouse can also request that the following two notices be placed on a deceased individual's credit report:
- "Deceased – Do not issue credit"; or
- "If an application is made for credit, please notify the following person(s) (e.g. surviving relative, executor/trustee of the estate and/or local law enforcement agency – notifying the relationship)."
Contact information for the three nationwide credit reporting companies is as follows:
For more information regarding identity theft and the deceased, please visit http://www.idtheftcenter.org and search for "FS 117 - Identity Theft and the Deceased - Prevention and Victim Tips." You should also notify the Social Security Administration and Internal Revenue Service of the death of your family member and that you received this letter.
More Information: Sound Generations sincerely regrets any inconvenience that these incidents may cause to its clients and remains dedicated to protecting their information. For media inquiries, please contact the toll free number 1-833-770-0673, Monday through Friday, between 8:00 a.m. and 8:00 p.m. ET.
SOURCE Sound Generations