Bayside Covenant Church Provides Notice of Data Breach

ROSEVILLE, Calif., Feb. 5, 2019 /PRNewswire/ -- What Happened? In October of 2018, Bayside became aware of suspicious activity in certain employees' email accounts.  Bayside immediately began an investigation to confirm the nature and scope of this activity.  Through the investigation, which included working with third party forensic investigators, we determined that the unauthorized actors accessed certain employees' accounts without authorization between August 3, 2018 and October 20, 2018.  Unfortunately, the investigation was unable to determine which emails or attachments may have been viewed without authorization.  In an abundance of caution, the entire contents of the email accounts involved were reviewed to identify any personal information contained within the accounts.  On December 19, 2018, the programmatic and manual review was completed, and it was determined that certain personal information was contained within the accounts that were accessed without authorization.  To date, we have no information that there has been any actual or attempted misuse of the personal information within the accounts related to this event. 

What Information Was Involved? The investigation in this matter confirmed that the following types of personal information were contained in the email accounts affected by this event included a combination of: name, address, Social Security Number, passport number, driver's license number, financial account information, medical information, health insurance information, username and password for online account, and email and password.   

What We Are Doing?  Bayside takes the confidentiality, privacy, and security of information in our care is seriously and it is one of our highest priorities.  Upon learning of the suspicious activity in the affected email accounts, we immediately commenced an investigation to confirm the nature and scope of the event.  We took steps to identify the personal information contained in the affected email accounts and are notifying potentially impacted individuals of the event.  As an added precaution, we are offering those individuals affected by the event access to credit monitoring, fraud consultation and identity theft repair services at no cost.  Bayside is also notifying relevant regulators of the event as well. 

While we have measures in place to protect information in our care, we are reviewing our existing policies and procedures following this event as part of our ongoing commitment to information security. 

What You Can Do. Bayside encourages potentially impacted individuals to remain vigilant against incidents of identity theft and fraud, to review your account statements and to monitor your credit reports for suspicious activity and to detect errors.  Under U.S. law residents are entitled to one free credit report annually from each of the three major credit reporting bureaus.  To order a free credit report, visit www.annualcreditreport.com or call, toll-free, 1-877-322-8228.  Affected individuals may also contact the three major credit bureaus directly to request a free copy of your credit report.

Affected individuals have the right to place a "security freeze" on their credit report, which will prohibit a consumer reporting agency from releasing information in your credit report without their express authorization.  The security freeze is designed to prevent credit, loans, and services from being approved in the individual's name without his or her consent.  However, affected individuals should be aware that using a security freeze to take control over who gets access to the personal and financial information in their credit report may delay, interfere with, or prohibit the timely approval of any subsequent request or application you make regarding a new loan, credit, mortgage, or any other account involving the extension of credit.  Pursuant to federal law, affected individuals cannot be charged to place or lift a security freeze on their credit report.  Should affected individuals wish to place a security freeze, please contact the major consumer reporting agencies listed below:

In order to request a security freeze, affected individuals will need to provide the following information:

1. Your full name (including middle initial as well as Jr., Sr., II, III, etc.);
2. Social Security number;
3. Date of birth;
4. If you have moved in the past five (5) years, provide the addresses where you have lived over the prior five years;
5. Proof of current address, such as a current utility bill or telephone bill;
6. A legible photocopy of a government-issued identification card (state driver's license or ID card, military identification, etc.);
7. If you are a victim of identity theft, include a copy of either the police report, investigative report, or complaint to a law enforcement agency concerning identity theft.

As an alternative to a security freeze, affected individuals have the right to place an initial or extended "fraud alert" on their file at no cost.  An initial fraud alert is a 1-year alert that is placed on a consumer's credit file.  Upon seeing a fraud alert display on a consumer's credit file, a business is required to take steps to verify the consumer's identity before extending new credit.  If an affected individual is a victim of identity theft, they are entitled to an extended fraud alert, which is a fraud alert lasting seven years.  Should affected individuals wish to place a fraud alert, please contact any one of the agencies listed below:

Affected individuals can further educate themselves regarding identity theft, fraud alerts, security freezes, and the steps you can take to protect yourself, by contacting the consumer reporting agencies, the Federal Trade Commission, or your state Attorney General.  The Federal Trade Commission can be reached at: 600 Pennsylvania Avenue NW, Washington, DC 20580, www.identitytheft.gov, 1-877-ID-THEFT (1-877-438-4338); TTY: 1-866-653-4261. The Federal Trade Commission also encourages those who discover that their information has been misused to file a complaint with them. Affected individuals can obtain further information on how to file such a complaint by way of the contact information listed above. Affected individuals have the right to file a police report if they ever experience identity theft or fraud.  Please note that in order to file a report with law enforcement for identity theft, affected individuals will likely need to provide some proof that they have been a victim.  Instances of known or suspected identity theft should also be reported to law enforcement.  This notice has not been delayed by law enforcement.    

While we have no information that there has been misuse or attempted misuse of the personal information accessible, Bayside encourages affected individuals to promptly change passwords for any account that may share a password. 

For More Information. Bayside has set up a dedicated call center to answer questions from those who might be impacted by this event. The call center can be reached at 1-877-571-1215, Monday through Friday 6:00 a.m. to 3:30 p.m., Pacific Time.  Additional information can also be found at the Bayside's website, https://www.baysideonline.com/.   

View original content:http://www.prnewswire.com/news-releases/bayside-covenant-church-provides-notice-of-data-breach-300790224.html

SOURCE Bayside Covenant Church

[ Back To TMCnet.com's Homepage ]