NOTICE OF DATA SECURITY INCIDENT
Gardant Management Solutions (“Gardant”) is committed to protecting the privacy of the information entrusted to us and takes this responsibility seriously. This commitment extends to notifying individuals when their information may be compromised. Although we have no reason to believe that personal information has been used to commit fraud or identity theft, Gardant is notifying the public about a recent email phishing incident.
Gardant has discovered that on October 11, 2019, a third party accessed a Gardant employee’s email account without authorization. Upon learning of the incident, Gardant promptly secured the email account to prevent further access and conducted an initial internal investigation. Gardant also retained a leading forensic security firm to investigate and conduct a comprehensive search for any personal information in the impacted email account, and to confirm the security of our email and computer systems.
On April 9, 2020, the investigation determined that the email account contained some personal information. The information for each individual differs but included names, addresses, dates of birth, phone numbers, Social Security numbers, driver’s license, passport number, credit card information, electronic signature, medical insurance information and/or medical history information.
At this point, Gardant does not know for certain if any personal information was ever viewed by the unauthorized party and does not believe that accessing the personal information in the account was the motive behind the incident. Gardant is also not aware of any instances of fraud or identity theft as a result of this incident. However, out of an abundance of caution, Gardant is notifying the public of the incident. On July 9, 2020, Gardant also mailed notification letters to potentially impacted individuals for whom it had a valid mailing address.
Affected individuals should refer to the notice they receive in the mail regarding the steps they can take to protect themselves. Individuals who did not receive a letter but believe they may have been affected, or who are seeking additional information can call Gardant’s toll free inquiry line at 855-917-3580, Monday through Friday, 9:00 a.m. to 9:00 p.m. ET.
Gardant encourages individuals to remain vigilant to the possibility of fraud and identity theft by reviewing credit card, bank, and other financial statements for any unauthorized activity. If individuals detect any suspicious activity, they should notify the entity with which the account is maintained, and promptly report the suspicious activity to appropriate law enforcement authorities, including the police and their state attorney general. In addition, anyone looking for information on fraud prevention can review tips provided by the FTC at www.ftc.gov/idtheft.
Gardant takes the security of its information seriously and sincerely apologizes for any inconvenience this incident may cause. Gardant is committed to taking steps to help prevent this from happening again, including reviewing its technical controls.
Posted on July 28, 2020