Heirloom Roses recently announced that the financial information of approximately 52,206 people was compromised in a data breach. Our data breach lawyers are investigating this cybersecurity incident to determine if consumers may have grounds for a data breach class action lawsuit.
What to know about the Heirloom Roses data breach
The company recently reported that between February 2021 and October 26, 2021, an unauthorized party gained access to certain files on its servers through the use of “malicious code…added to the Heirloom Roses website in the purpose of capturing credit card data”. Further investigation revealed that the files may contain the following information:
- Credit card information (financial account numbers, credit/debit card numbers and account security codes, access codes, passwords or PIN codes)
According to reports, Heirloom Roses does not know what information people actually accessed and cannot confirm that the unauthorized party retained any of the information.
However, anyone who receives a Heirloom Roses data breach notification letter may now face an increased risk of identity theft and other financial loss. Lawyers are currently investigating this recent cybersecurity incident to determine whether the company has taken the necessary steps to keep your data safe and whether those affected by the breach can file a data breach class action lawsuit.
What is a data breach?
A data breach occurs when a hacker or other unauthorized party secretly gains access to sensitive consumer information stored on a company’s servers through some kind of cyberattack. Once a hacker obtains consumer data, they can use that information to commit identity theft or for other criminal purposes. Sometimes hackers sell the data they obtain through a cyberattack to the highest bidder.
No one can say for sure why a hacker targeted your data during a data breach or what they plan to do with it, but having your sensitive information in the hands of an unauthorized party exposes you to a increased risk of identity theft.
As consumers, we all provide personal data to businesses for a variety of reasons. We trust these companies to protect our private data and keep this information secure. Unfortunately, data breaches happen frequently.
Lawyers are investigating data events like this security breach to determine the legal rights of consumers who trusted companies with their sensitive information. Often, hackers target companies that rely on outdated or inadequate data security measures. If it is determined that Heirloom Roses did, in fact, fail to adequately protect consumer data in some way, affected individuals may be eligible for compensation for their financial losses.
What can you do after a data breach?
If you received a data breach letter from the company that suffered a security incident, it means that an unauthorized person, likely a criminal, may have accessed, viewed, and stored your personal information. Although the company cannot know why the third party sought your information and what they intend to do with it, the situation warrants a certain level of caution on your part.
Below are some ways to protect yourself against identity theft and other possible financial risks that can arise from a data breach:
- Read the data breach letter carefully to determine what information about you was accessible;
- Make a copy of the letter for your records;
- Sign up for the free credit monitoring service provided to you (you will need the information in the data breach letter to do this);
- Change all your passwords and security questions for all online accounts;
- Enable two-factor authentication, where available;
- Regularly review your credit card and bank account statements for any signs of suspicious activity;
- Monitor your credit report for any unexpected changes that could be a sign of identity theft;
- Contact one of the major credit bureaus to ask them to add a fraud alert to your profile; and
- Notify your banks and credit card companies of the data breach.
To protect and preserve their legal rights, individuals who have been notified that their data may have been compromised are strongly advised to immediately contact a data breach lawyer.
Data breach attorneys are investigating this security incident and the possibility of a data breach class action lawsuit
Businesses have an ethical and legal duty to protect consumers’ financial information. Although developing and implementing a comprehensive and up-to-date data security system is expensive, it is a necessary cost of doing business in an environment where cyberattacks and data breaches are common. .
Data breach laws are complex, and just because your information may have been accessed while in the custody of Heirloom Roses does not mean that company is legally liable. However, if a business fails to take appropriate steps to protect sensitive consumer information, it can be held liable through a data breach class action lawsuit.
If you have received a data breach notification letter, it is important not only to protect yourself from possible fraud, but also to safeguard your legal rights by contacting a data breach attorney. Consumer privacy attorneys investigate legal matters involving all types of data breaches, ransomware attacks, and cyberattacks, without gain or expense.
find a copy of data breach letter here.
I am writing to inform you of an incident encountered by our company which may have involved your information described below. We take the privacy and security of all information very seriously. That’s why we’re providing you with information about the steps you can take to help protect your information, as well as information about the free identity monitoring services we offer.
What happened: On August 12, 2021, we were alerted to potentially fraudulent activity related to our customers’ payment card information. Upon discovery, we immediately took steps to secure our website and launched an internal investigation. Additionally, we have engaged third-party forensic specialists to assist us in a thorough investigation. Our investigation confirmed that malicious code was added to the Heirloom Roses website with the aim of capturing credit card data beginning in February 2021, which may have continued intermittently until October 26, 2021. After having taken the time to complete a full forensic assessment of our site, we have obtained a list of potentially impacted consumers and have endeavored to obtain sufficient address information and provide notification.
What information was involved: Information potentially affected includes your name, in combination with your credit card information entered on our website.
What we do : Upon learning of this incident, we immediately took action to confirm the security of our website. With the help of third-party forensic specialists, we have also performed a thorough review of our website to ensure that any unauthorized code has been removed, as well as to implement technical measures to prevent a similar incident. not happen again in the future. Additionally, we notify potentially affected individuals and offer free identity monitoring services for 12 months.
What you can do: We encourage you to remain vigilant against incidents of identity theft and fraud by reviewing your credit reports/account statements for suspicious activity and detecting errors. If you discover suspicious or unusual activity on your accounts, please promptly contact your financial institution or business. You can also activate the free identity monitoring that we make available to you. Due to privacy laws, we cannot activate on your behalf. Additional information on how to activate the free services is included in “Steps You Can Take to Help Protect Your Information.”
For more information: If you have any questions or concerns about this, please contact us at 1-???-???-????, Monday through Friday, 8:00 a.m. to 5:30 p.m. Central Time, excluding select days holidays in the United States. Please have your membership number handy.
Information security is of the utmost importance to us, and we will continue to take steps to protect the information in our custody.