Legal Notice Concerning Data Incident
NOTICE OF DATA INCIDENT
ABOUT THE DATA PRIVACY EVENT The City of New Bedford (“The City”) recently learned of an incident that may affect the privacy of certain information. The City is providing notice of the event so potentially affected individuals may take steps to better protect their personal information, should they feel it appropriate to do so.
FREQUENTLY ASKED QUESTIONS
What happened? On or around July 5, 2019, the City became aware of unusual activity on its servers. The City immediately commenced an investigation, with the aid of forensic experts, to confirm the nature and scope of the activity. On or around August 27, 2019, the City learned that an unauthorized actor potentially had access to certain servers and devices, and through that, to certain personal information. While we have no evidence of actual or attempted theft or misuse of information present in the affected servers and devices, in an abundance of caution, we are currently undertaking a comprehensive review of the data present on the servers and devices to confirm what information may be present. The servers and devices potentially subject to unauthorized access may include information stored by the Community Development Department, the Emergency Management Department, the Department of Facilities and Fleet Management, the Fire Department, Emergency Medical Services, the Health Department, the Personnel Department, the Planning Department, the Port Authority, the Purchasing Department, the Recreation Department, and the Solicitor’s Office.
What information was involved. The investigation in this matter is ongoing. Upon conclusion of this investigation, the City will be taking steps to directly notify those individuals whose information was present within the servers and devices and provide detail on what specific information may be affected.
What the City is doing. The security of personal information is one of our highest priorities and we take this incident very seriously. Upon learning of this incident, we immediately took steps to ensure the security of our environment and investigate the activity. The City is working diligently to identify the individuals whose information may be present in the affected servers and files, and to provide them with further information regarding this incident. The City has also implemented additional security measures to its environment, including enhanced antivirus measures and revised computer usage protocols. We are also reviewing our existing policies and procedures and will be reporting this incident to relevant state and federal regulators, as required.
What you can do. The City encourages individuals to review and consider the information and resources outlined in the below “Privacy Safeguards.”
For More Information? You may write to the City of New Bedford at 133 William Street, Room 203, New Bedford, MA 02740 or call 1-833-680-7830 with any additional questions.
PRIVACY SAFEGUARDS
Monitor Your Accounts
The City of New Bedford encourages potentially impacted individuals to remain vigilant against incidents of identity theft and fraud by reviewing their accounts, explanations of benefits, and credit reports for suspicious activity, to detect errors. You are encouraged to report any suspicious activity to the affiliated institutions immediately. Under U.S. law, individuals with credit reports are entitled to one free credit report annually from each of the three major credit reporting bureaus. To order your free credit report, visit www.annualcreditreport.com or call, toll-free, 1-877-322-8228. You may also contact the three major credit bureaus directly to request a free copy of your credit report.
You have the right to place a “security freeze” on your credit report, which will prohibit a consumer
reporting agency from releasing information in your credit report without your express authorization. The
security freeze is designed to prevent credit, loans, and services from being approved in your name without
your consent. However, you should be aware that using a security freeze to take control over who gets
access to the personal and financial information in your credit report may delay, interfere with, or prohibit
the timely approval of any subsequent request or application you make regarding a new loan, credit,
mortgage, or any other account involving the extension of credit. Pursuant to federal law, you cannot be
charged to place or lift a security freeze on your credit report. Should you wish to place a security freeze,
please contact the major consumer reporting agencies listed below:
Experian
PO Box 9554
Allen, TX 75013
1-888-397-3742
www.experian.com/freeze/center.html
TransUnion
P.O. Box 2000
Chester, PA 19016
1-888-909-8872
www.transunion.com/credit-freeze
Equifax
PO Box 105788
Atlanta, GA 30348-5788
1-800-685-1111
www.equifax.com/personal/credit-report-services
In order to request a security freeze, you will need to provide the following information:
1. Your full name (including middle initial as well as Jr., Sr., II, III, etc.);
2. Social Security number;
3. Date of birth;
4. If you have moved in the past five (5) years, provide the addresses where you have lived over the
prior five years;
5. Proof of current address, such as a current utility bill or telephone bill;
6. A legible photocopy of a government-issued identification card (state driver’s license or ID card,
military identification, etc.);
7. If you are a victim of identity theft, include a copy of either the police report, investigative report,
or complaint to a law enforcement agency concerning identity theft.
As an alternative to a security freeze, you have the right to place an initial or extended “fraud alert” on your
file at no cost. An initial fraud alert is a 1-year alert that is placed on a consumer’s credit file. Upon seeing
a fraud alert display on a consumer’s credit file, a business is required to take steps to verify the consumer’s
identity before extending new credit. If you are a victim of identity theft, you are entitled to an extended
fraud alert, which is a fraud alert lasting seven years. Should you wish to place a fraud alert, please contact
any one of the agencies listed below:
Experian
P.O. Box 2002
Allen, TX 75013
1-888-397-3742
www.experian.com/fraud/center.html
TransUnion
P.O. Box 2000
Chester, PA 19016
1-800-680-7289
www.transunion.com/fraud-victim-resource/placefraud-alert
Equifax
P.O. Box 105069
Atlanta, GA 30348
1-888-766-0008
www.equifax.com/personal/credit-report-services
You can further educate yourself regarding identity theft, fraud alerts, security freezes, and the steps you
can take to protect yourself, by contacting the consumer reporting agencies, the Federal Trade Commission,
or your state Attorney General. The Federal Trade Commission can be reached at: 600 Pennsylvania
Avenue NW, Washington, DC 20580, www.identitytheft.gov, 1-877-ID-THEFT (1-877-438-4338); TTY:
1-866-653-4261. The Federal Trade Commission also encourages those who discover that their information
has been misused to file a complaint with them. You can obtain further information on how to file such a
complaint by way of the contact information listed above. You have the right to file a police report if you
ever experience identity theft or fraud. Please note that in order to file a report with law enforcement for
identity theft, you will likely need to provide some proof that you have been a victim. Instances of known
or suspected identity theft should also be reported to law enforcement and your state Attorney General.
This notice has not been delayed by law enforcement.