On February 15, 2024, CGM, Inc. filed a notice of data breach with the Attorney General of Texas after discovering that confidential information in the company’s possession was subject to unauthorized access. In this notice, CGM explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, Social Security numbers, financial account information, health insurance information, addresses, dates of birth, and driver’s license numbers. Upon completing its investigation, CGM began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.
If you received a data breach notification from CGM, Inc., it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the CGM data breach. For more information, please see our recent piece on the topic here.
What Caused the CGM Data Breach?
The CGM data breach was only recently announced, and more information is expected in the near future. However, CGM’s filing with the Attorney General of Texas provides some important information on what led up to the breach. The company also filed notice with the Attorney General of Maine, which provides additional information that isn’t available on the Texas AG’s website.
According to these sources, CGM provides solutions to wireless and broadband companies that participate in the federal Affordable Connectivity Program and Lifeline Program. On December 28, 2022, CGM detected unusual activity within its computer network. In response, CGM secured its systems and then launched an investigation with the help of third-party data security specialists.
The CGM investigation confirmed that an unauthorized party was able to access its computer network between December 15, 2022 and December 28, 2022. CGM was able to determine that some of the files that were accessible to the unauthorized party contained confidential information belonging to certain consumers.
After learning that sensitive consumer data was accessible to an unauthorized party, CGM reviewed the compromised files to determine what information was leaked and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, Social Security number, financial account information, health insurance information, address, date of birth, and driver’s license number.
On February 15, 2024, CGM sent out data breach letters to anyone who was affected by the recent data security incident. These letters should provide victims with a list of what information belonging to them was compromised.
More Information About CGM, Inc.
CGM, Inc. is a digital consulting and software firm based out of Roswell, Georgia. CGM created a software-as-a-service solution designed to help wireless and broadband companies participate in the federal Affordable Connectivity Program and Lifeline Program. CGM’s services allow wireless and broadband companies to confirm subscriber eligibility, enroll low-income households, track agent and distribution activity, calculate and file federal and state reimbursements, and provide audit support. CGM employs more than 25 people and generates approximately $6 million in annual revenue.
