Gas South, LLC Confirms Unauthorized Access to Its Network, Leading to Consumer Data Breach

Richard Console, Jr.
Console and Associates, P.C.
Contact
LinkedIn
Facebook
X
Send
Embed

Recently, Gas South, LLC reported that the company experienced a data breach after an unauthorized party gained access to sensitive consumer data contained on the Gas South network. While Gas South has confirmed the breach, the company has not yet publicly announced what types of information were compromised in the breach. However, based on the state data breach reporting requirements, it is likely, although not confirmed, that one or more of the following data types were leaked as a result of the attack: Social Security numbers, driver’s license numbers, bank or credit card account numbers, or medical records. On July 15, 2022, Gas South filed official notice of the breach and sent out data breach letters to all affected parties.

If you received a data breach notification, it is essential you understand what is at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the Gas South data breach, please see our recent piece on the topic here.

What We Know About the Gas South Data Breach

According to an official notice filed by the company, on February 21, 2022, Gas South detected unusual activity on some of its computer systems. In response, the company disconnected the affected systems, secured its network, and commenced an investigation into the incident. The Gas South investigation revealed that an unauthorized party had access to certain company files between February 13, 2022 and February 23, 2022.

Upon discovering that sensitive consumer data was accessible to an unauthorized party, Gas South reviewed the affected files to determine who was affected and what information was involved. The company’s review is ongoing, and thus, the specific types of information that were leaked in the attack have not yet been confirmed.

However, on July 15, 2022, Gas South filed official notice of the incident with the Montana Department of Justice. Under state law, organizations must report breaches involving Social Security numbers, driver’s license numbers, bank or credit card account numbers, or medical records. Thus, it is likely that the breach involved one or more of these data types.

On July 15, 2022, Gas South also sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.

More Information About Gas South, LLC

Gas South, LLC is a natural gas provider based in Atlanta, Georgia. Founded in 2006, Gas South quickly grew to be one of the largest natural gas companies in the southeastern United States, serving more than 425,000 in Georgia and 13 other states. Gas South is a wholly owned subsidiary of Cobb Electric Membership Corporation. Gas South employs more than 250 people and generates approximately $193 million in annual revenue.

Can Victims of a Data Breach Hold a Company Responsible Breach?

Yes, the United States data breach laws allow victims of a data breach to file or join a data breach class action lawsuit against the company responsible for the breach. However, a company is not automatically liable for a data breach; in most cases, victims must establish that the company’s negligence caused or contributed to the breach before the company will be found legally responsible.

In the context of data breaches, companies may act negligently in a few different ways. For example, below are a few of the most common scenarios that can lead to a data breach:

  • A company fails to employ an adequate data security system or relies an outdated system;

  • A company mistakenly transmits consumer information to an unauthorized party;

  • A company employee fails to follow the proper procedures when handling consumer data, for example by failing to encrypt sensitive data; or

  • An employee responds to a phishing attack, either by clicking on a link or providing sensitive information to an unauthorized party.

Of course, these are just a few of the ways in which a company’s oversights can result in a data breach—there are many others. As a general rule, companies have a duty to safeguard the consumer data in their possession. If a company makes a mistake or tries to cut corners when it comes to data privacy, it may be a sign of negligence. Those who have questions about whether a particular company can be held financially liable for a data breach should reach out to a dedicated data breach lawyer for immediate assistance.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations. Attorney Advertising.

© Console and Associates, P.C.

Written by:

Console and Associates, P.C.
Console and Associates, P.C.
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

Console and Associates, P.C. on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide