East West Family of Companies Announces Data Breach Involving Sensitive Employee Information

Console and Associates, P.C.
Contact

Recently, East West Family of Companies (“East West”) confirmed that the company experienced a data breach after an unauthorized party gained access to sensitive consumer information stores on the company’s computer network. According to the East West, the breach resulted in the names and Social Security numbers of certain employees and employee dependents being compromised. On July 1, 2022, East West filed official notice of the breach and sent out data breach letters to all affected parties.

If you received a data breach notification, it is essential you understand what is at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the East West data breach, please see our recent piece on the topic here.

What We Know About the East West Data Breach

According to an official notice filed by the company, on November 8, 2021, East West detected unauthorized access on some of its computer systems. In response, the company secured its systems and launched an investigation into the incident with the assistance of third-party cybersecurity professionals. Shortly after the breach, East West was able to restore its system operations; however, the investigation determined that an unauthorized user was able to access certain files on the company’s network between November 5, 2021 and November 8, 2021. These files contained the information of current and former employees and employees’ dependents.

Upon discovering that sensitive employee data was accessible to an unauthorized party, East West then reviewed the affected files to determine exactly what information was compromised. The company completed this review on May 9, 2022. While the breached information varies depending on the individual, it may include your name and Social Security number.

On July 1, 2022, East West sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.

More Information About East West Family of Companies

East West Family of Companies is a commercial and residential construction company based in Denver, Colorado. The East West Family of Companies consists of three smaller companies, east west partners, east west hospitality, and Slifer Smith & Frampton Real Estate. Collectively, the company and its subsidiaries design and build large construction projects. The East West Family of Companies also works to manage the sale process once the project is complete. East West employs more than 42 people and generates approximately $26 million in annual revenue.

How Do Hackers Access Consumer Information Stored on a Company’s Servers?

All data breaches share one thing in common: a hacker or other bad actor is able to access sensitive consumer information. However, the manner in which hackers are able to obtain access to this data varies widely.

While the East West Family of Companies provides some details about the recent data security incident, the company does not elaborate on how the unauthorized party was able to access the information that was subject to the breach. As a general rule, there are a few different things that could have happened leading up to the breach. Below are a few of the most common causes of data breaches.

A company employee doesn’t follow the correct procedures

Some data breaches are the result of an employee failing to follow the company’s established protocol when it comes to handling consumer data. For example, an employee may forget to encrypt files containing sensitive information or may send information to an unsecured email address.

A company fails to implement and maintain an up-to-date data security system

Data security systems are the first line of defense against cyberattacks. Companies that rely on inadequate or outdated systems are more likely to be successfully targeted by hackers.

An employee responds to an email phishing attack

Email phishing is an increasingly common way for hackers to obtain sensitive consumer information. Phishing attacks rely on principles of social engineering to get an employee to provide information to the hacker directly or download malicious software that allows the hacker to access the victim’s computer. Phishing attacks start with the hacker sending a legitimate-looking email asking for the recipient to either verify their identity or click on a link.

The end result of each of these attacks is the same: hackers obtain sensitive information belonging to consumers, which they can use to commit identity theft and other frauds. Victims of a data breach who would like to learn more about how to protect themselves and whether they have a legal claim against a company should reach out to a dedicated data breach lawyer for assistance.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Console and Associates, P.C. | Attorney Advertising

Written by:

Console and Associates, P.C.
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

Console and Associates, P.C. on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide