Security Breach August 2021

Date: August 25, 2021

NOTICE OF SECURITY BREACH

Dear Valued Client:

We are contacting you about a data breach that has occurred within an Imavex, LLC. server.

 

What Happened? On August 20th, an attacker was able to gain privileged access to one of our systems. Using this access, they were able to obtain a copy of one of our production databases. This copy has been published on various hacker forums.
What Information Was Involved? It is possible that some of your personal data is included in the database leak. This could include your name, email address, mailing address, phone number, password material, and/or the last 4 digits and expiration date of a credit card number. Our systems do not store plaintext passwords nor full credit card numbers.
What We Are Doing We are performing audits of current server configurations and amending our standard practices to help prevent similar incidents from occurring in the future. We are also making every attempt to contact those whose information is contained in the leaked data.
What You Can Do

You should immediately change your password both on any Imavex-hosted service as well as anywhere that you have used the same password.

The Federal Trade Commission (FTC) recommends that you place a free fraud alert on your credit file. A fraud alert tells creditors to contact you before they open any new accounts or change your existing accounts. Contact any one of the three major credit bureaus. As soon as one credit bureau confirms your fraud alert, the others are notified to place fraud alerts. The initial fraud alert stays on your credit report for one year. You can renew it after one year. 

Equifax: equifax.com/personal/credit-report-services or 1-800-685-1111

Experian: experian.com/help or 1-888-397-3742

TransUnion: transunion.com/credit-help or 1-888-909-8872

Ask each credit bureau to send you a free credit report after it places a fraud alert on your file. Review your credit reports for accounts and inquiries you don’t recognize. These can be signs of identity theft. If your personal information has been misused, visit the FTC’s site at IdentityTheft.gov to report the identity theft and get recovery steps. Even if you do not find any suspicious activity on your initial credit reports, the FTC recommends that you check your credit reports periodically so you can spot problems and address them quickly. 

You may also want to consider placing a free credit freeze. A credit freeze means potential creditors cannot get your credit report. That makes it less likely that an identity thief can open new accounts in your name. To place a freeze, contact each of the major credit bureaus at the links or phone numbers above. A freeze remains in place until you ask the credit bureau to temporarily lift it or remove it. 

For further information including recommended steps, visit FTC’s website, IdentityTheft.gov/databreach, about steps you can take to help protect yourself from identity theft. The steps are based on the types of information exposed in this breach.

Remove Email Address

If you believe your email address has been compromised and would like to inform us about this breach, please fill out the form linked below.

https://www.imavex.com/email-release/

For More Information Please email reportsecurityvulnerbility@imavex.com for questions and/or more information.