Recently, Centerspace, LP confirmed it experienced a data breach after an unauthorized party gained access to sensitive consumer data contained on the company’s computer network. However, because the Centerspace data breach is very recent and the company has not yet provided details regarding the specific data types that were leaked, this information remains unknown. That said, the state reporting guidelines require companies to report any breach involving Social Security numbers, driver’s license numbers, bank or credit card account numbers, and medical records. Thus, it is likely, although not confirmed, that the incident affected one or more of these data types. On July 14, 2022, Centerspace filed official notice of the breach and sent out data breach letters to all affected parties.

If you received a data breach notification, it is essential you understand what is at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the Centerspace data breach, please see our recent piece on the topic here.

Details About the Centerspace Data Breach

According to an official notice filed by the company, on November 11, 2021, Centerspace experienced a disruption in its ability to access the company’s computer systems. In response, Centerspace secured its systems and enlisted the help of an independent digital forensics firm to investigate the incident. Through this investigation, Centerspace hoped to learn what happened, whether any consumer data was compromised and, if so, what data types were accessible to an unauthorized party. On November 15, 2021, Centerspace learned that an unauthorized party was able to access company files and that these files contained the personal information of certain consumers.

Upon discovering that sensitive consumer data was accessible to an unauthorized party, Centerspace then reviewed the affected files to determine exactly what information was compromised. Centerspace completed this review on July 1, 2022; however, the company has not yet posted notice on its website or elsewhere publicly disclosing the type of information that was accessible to the unauthorized party.

On July 14, 2022, Centerspace sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.

Founded in 1970, Centerspace, LP is a real estate investment trust (“REIT”) based in Minot, North Dakota. However, previously, the company was known as IRET, until December 2020, when IRET changed its name to Centerspace. As a REIT, Centerspace is focused on the ownership, management, acquisition, redevelopment, and development of rentable properties, in this case, apartment communities. Centerspace, LP is traded on the New York Stock Exchange under the ticker symbol “CSR.” Centerspace employs more than 462 people and generates approximately $201 million in annual revenue.

How to Protect Yourself After a Data Breach

For many victims of the Centerspace data breach, this will be the first time that their personal information was involved in a data security incident. That being the case, it is certainly understandable for individuals to wonder what they should do to protect themselves. Below is a list of actions you can take to reduce the risk of identity theft in the wake of a data breach.

Determine What Information Was Stolen: Carefully review the data breach letter sent by Centerspace. This letter will tell you what information of yours was compromised. Be sure to make a copy of the data breach letter and keep it for your records. Of course, data breach letters are not always easy to understand, so if you need assistance, feel free to reach out to a data breach lawyer.

Reduce the Possibility of Future Access to Your Accounts: Once you determine which of your information was leaked in a breach, you should take all steps to prevent cybercriminals from accessing your credit or financial accounts. For example, after any breach, you should change all passwords and security questions for your online accounts. You should also consider setting up multi-factor authentication where it is available. If sensitive information, such as your bank account number or credit card number, were exposed, consider closing the account and opening a new one.

Sign Up for Free Credit Monitoring: In the wake of a data breach, companies usually provide free credit monitoring services. Centerspace is no exception, as it is offering between 12 and 24 months of credit monitoring at no cost to victims. This is not a gimmick, and you do not give up any rights by taking a company up on their offer.

Consider a Fraud Alert or a Credit Freeze: A fraud alert informs potential creditors or any company that pulls your credit that your data was recently compromised. A credit freeze prevents access to your credit report unless you specifically authorize it. Credit freezes are free and last until you remove them. Both fraud alerts and credit freezes are effective at reducing the chances of identity theft.

Regularly Monitor Your Credit Report and Financial Accounts: Protecting yourself in the wake of a data breach is not a one-time task. It is essential that you continually monitor your credit report and all financial accounts, keeping an eye out for any signs of unauthorized activity or fraud. If you notice anything suspicious, be sure to report it as soon as possible.