On August 29, 2024, Phase II d/b/a Public Agency Retirement Services (“PARS”) filed a notice of data breach with the Attorney General of California after discovering that an unauthorized party was able to access a company email account. In this notice, PARS explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information. Upon completing its investigation, PARS began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.
If you receive a data breach notification from Public Agency Retirement Services, it is essential you understand what is at risk and what you can do about it. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft, as well as discuss your legal options following the Public Agency Retirement Services data breach. For more information, please see our recent piece on the topic here.
What Caused the Public Agency Retirement Services Data Breach?
The Public Agency Retirement Services data breach was only recently announced, and more information is expected in the near future. However, PARS’s filing with the Attorney General of California provides some important information on what led up to the breach.
According to this source, PARS designs, implements and administers retirement products designed for public agencies, which is how PARS collects personal information of certain government employees. Recently, PARS learned that it was the target of an email phishing attack in which an unauthorized party was able to gain access to an employee’s email account.
In response, PARS secured the affected email account and then launched an investigation into the incident with the help of outside cybersecurity specialists. On August 1, 2024, PARS’ investigation confirmed that an unauthorized party was able to access certain emails and attachments containing confidential consumer information between March 11, 2024 and March 14, 2024.
After learning that sensitive consumer data was accessible to an unauthorized party, Public Agency Retirement Services reviewed the compromised files to determine what information was leaked and which consumers were impacted.
On August 29, 2024, Public Agency Retirement Services sent out data breach letters to anyone who was affected by the recent data security incident. While the publicly available PARS data breach letters do not mention what data types were leaked as a result of the incident, the personalized letters that were recently sent out should provide victims with a list of what information of theirs was compromised.
More Information About Public Agency Retirement Services
Founded in 1984, Public Agency Retirement Services is a business services company that specializes in designing and administering retirement products for government employers. PARS serves both municipal governments as well as school districts and institutions of higher education. Public Agency Retirement Services employs more than 101 people and generates approximately $13 million in annual revenue.
