On October 13, 2023, AvidXchange, Inc. filed a notice of data breach with the Attorney General of Massachusetts after discovering that a recent cybersecurity event resulted in an unauthorized party being able to access the company’s IT network. In this notice, AvidXchange explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information. Upon completing its investigation, AvidXchange began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.
If you receive a data breach notification from AvidXchange, Inc., it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the AvidXchange data breach. For more information, please see our recent piece on the topic here.
What Caused the AvidXchange Data Breach?
The AvidXchange data breach was only recently announced, and more information is expected in the near future. However, AvidXchange’s filing with the Attorney General of Massachusetts provides some important information on what led up to the breach. According to this source, back in April 2023, AvidXchange was conducting routine security monitoring when it detected a cybersecurity incident. AvidXchange does not elaborate on the nature of the event or what specifically brought the incident to its attention. However, in response, AvidXchange notified law enforcement, accelerated planned security enhancements, and then launched an investigation with the assistance of third-party data security specialists.
The AvidXchange investigation confirmed that an unauthorized party had previously gained access to its network and removed certain files. It was later determined that some of the files that were accessed and extracted contained confidential consumer information.
After learning that sensitive consumer data was accessible to an unauthorized party, AvidXchange reviewed the compromised files to determine what information was leaked and which consumers were impacted.
On October 13, 2023, AvidXchange sent out data breach letters to anyone who was affected by the recent data security incident. Unfortunately, the publicly available data breach letter from AvidXchange does not list the specific data types that were stolen. However, the individualized data breach letters sent to victims should provide them with a list of what information belonging to them was compromised.
More Information About AvidXchange, Inc.
Established in 2000, AvidXchange, Inc. is a financial software company based out of Charlotte, North Carolina. AvidXchange creates and services accounts payable automation software and payment solutions for middle-market businesses and their suppliers. AvidXchange serves the needs of more than 8,800 companies throughout North America, processing $215 billion in 2021. AvidXchange is publicly traded on the NASDAQ under the symbol “AVDX.” AvidXchange employs more than 1,600 people and generates approximately $332 million in annual revenue.
