East West Family of Companies Announces Data Breach Involving Sensitive Employee Information | Console and Associates, PC

Recently, East West Family of Companies (“East West”) confirmed that the company suffered a data breach after an unauthorized party gained access to stores of sensitive information on the company’s computer network. According to East West, the breach resulted in the compromise of the names and social security numbers of certain employees and employees’ dependents. On July 1, 2022, East West filed a formal notice of breach and sent data breach letters to all affected parties.

If you have received a data breach notification, it is essential that you understand what is at risk and what you can do about it. To learn more about how to protect yourself against fraud or identity theft and what legal options are available to you following the East West data breach, please see our recent article on the topic. here.

What we know about the East West data breach

According to an official notice filed by the company, on November 8, 2021, East West detected unauthorized access to some of its computer systems. In response, the company secured its systems and launched an investigation into the incident with the help of third-party cybersecurity professionals. Shortly after the breach, East West was able to restore operations of its system; however, the investigation determined that an unauthorized user was able to access certain files on the company network between November 5, 2021 and November 8, 2021. These files contained the information of current and former employees and individuals at the expense of the employees.

After discovering that sensitive employee data was accessible to an unauthorized party, East West then reviewed the affected files to determine exactly what information had been compromised. The company completed this review on May 9, 2022. Although the information hacked varies depending on the individual, it can include your name and social security number.

On July 1, 2022, East West sent data breach letters to everyone whose information was compromised as a result of the recent data security incident.

More information about the East West family of companies

East West Family of Companies is a commercial and residential construction company based in Denver, Colorado. The East West Family of Companies consists of three small businesses, East West Partners, East West Hospitality and Slifer Smith & Frampton Real Estate. Collectively, the company and its subsidiaries design and execute major construction projects. The East West family of companies also manages the sales process once the project is complete. East West employs over 42 people and generates approximately $26 million in annual revenue.

How do hackers gain access to consumer information stored on a company’s servers?

All data breaches have one thing in common: a hacker or other malicious actor can gain access to sensitive consumer information. However, how hackers can access this data varies widely.

Although the East West family of companies provides some details about the recent data security incident, the company does not elaborate on how the unauthorized party gained access to the breached information. Typically, there are a few different things that could have happened before the breach. Below are some of the most common causes of data breaches.

A company employee does not follow the correct procedures

Some data breaches result from an employee’s failure to follow the company’s established protocol for handling consumer data. For example, an employee may forget to encrypt files containing sensitive information or may send information to an unsecured email address.

A company fails to implement and maintain an up-to-date data security system

Data security systems are the first line of defense against cyberattacks. Companies that rely on inadequate or outdated systems are more likely to be successfully targeted by hackers.

An employee responds to an email phishing attack

Email phishing is an increasingly common way for hackers to obtain sensitive consumer information. Phishing attacks use the principles of social engineering to trick an employee into directly providing information to the hacker or downloading malware that allows the hacker to gain access to the victim’s computer. Phishing attacks begin with the hacker sending a legitimate-looking email asking the recipient to verify their identity or click on a link.

The end result of each of these attacks is the same: hackers gain sensitive consumer information that they can use to commit identity theft and other fraud. Data breach victims who want to learn more about how to protect themselves and whether they have legal action against a company should contact a dedicated data breach attorney for assistance.

Comments are closed.