DALLAS--(BUSINESS WIRE)--U.S. Residential Group LLC (“U.S. Residential”) recently experienced a potential security incident involving the personal information of some of its current and former employees and/or their dependents. As a precaution, we are providing this notice to make potentially affected individuals aware of the incident and provide information on steps they can take to help monitor and protect their personal information. We take the security of our current and former employees’ information very seriously, and we deeply regret any concern this may cause.
As a result of a phishing attack, an unauthorized individual was able to gain user credentials for a company email account, then log in and gain access to the account.
What Information Was Involved
Some of the files contained certain information about current and former U.S. Residential employees, including name, social security number, business financial account numbers, driver’s license or government identification number, and in some cases medical or health insurance information and identifiers. Please note, at this time we are not aware of any fraud or misuse of this information as a result of this incident.
What We Are Doing
U.S. Residential took steps to address this incident promptly after it was discovered, including engaging a third-party forensic computer firm to assist with investigating this incident and to determine what information was impacted. U.S. Residential also contacted law enforcement and will continue to cooperate with any further investigation into this matter. To prevent an incident like this from recurring in the future, we have also taken steps to improve our employees’ awareness of phishing attacks by enhancing our security awareness training and education, including simulated phishing attacks. We are also partnering with an industry-leading security technologies firm to implement additional tools to help protect employee accounts.
What Impacted Current and Former Employees Can Do
We want to make current and former employees aware of steps they can take to guard against fraud or identity theft. They can carefully check credit reports for accounts they did not open or for inquiries from creditors they did not initiate. If they see anything they do not understand, call the credit agency immediately. If they find any suspicious activity on their credit reports, call the local police or sheriff's office, and file a police report for identity theft and get a copy of it. Copies of the police report may need to be given to creditors to clear up records.
U.S. Residential is offering potentially affected individuals a complementary one-year enrollment in credit monitoring and fraud resolution services. Enrollment must be completed by November 10, 2017. For more information about these services and instructions on completing the enrollment process, please call 888-721-0141 to speak with a representative. Even if potentially affected employees decide not to take advantage of the subscription offer, they may still receive identify restoration services in the event that they become victim of identity theft by calling 877-368-4940, 9:00 a.m. to 8:00 p.m. Eastern Time, Monday through Friday, before August 10, 2018. If they become a victim of identity theft, they should call the number above and an identity restoration specialist will work on their behalf to help them restore their identity.
More information is available at www.usrgroup.com/notification, including the “Information about Identity Theft Protection” reference guide describing additional steps that may be taken, including recommendations by the Federal Trade Commission regarding identity theft protection and details on placing a fraud alert or a security freeze on their credit file.
For More Information
For more information about this incident, or if potentially affected employees have additional questions or concerns, they may contact us directly at 888-721-0141 between 9:00 a.m. and 9:00 p.m. Eastern Standard Time, Monday through Friday. Again, we sincerely regret any concern this event may cause.