Over the last month, I wrote about data breaches and some of the things you can do to protect yourself from identity fraud. Ironically, I recently received a letter dated August 26, 2024, from Young Consulting c/o Cyberscout, notifying of a data breach and that my personal information was compromised. Additionally, in the mail, I received three identical notice of breach letters, each one addressed to a member of my family – my wife, and two children– Young Consulting provides risk management services to our health insurer Blue Shield of California. This is another reminder that your personal information is not safe and is most likely already on the dark web. Here is a quick look at the Young Consulting data breach.
Who is Young Consulting
Young Consulting provides risk management services to health insurance companies – more specifically, it develops integrated software solutions for the marketing, underwriting and administering of medical stop loss insurance for Carriers, Brokers and Third-Party Administrators. Young Consulting has recently been branded to Connexure. However, Young Consulting still has a webpage that provides a link to the “Notice of Data Privacy Event.” The Notice of Data Privacy Event page is similar to the August 26, 2024 letter I received, via mail, and provides general information about the data breach. The Notice of Data Privacy Event page also provides steps an affected individual can take to protect themselves from identity fraud.
Notification of Breach
The Young Consulting letter dated August 26, 2024 explains, in part, that “an investigation determined that an unauthorized actor gained access to Young Consulting’s network between April 10, 2024, and April 13, 2024, and downloaded copies of certain files.” Additionally, the letter explains “[y]our information that may have been accessed or acquired includes your name, Social Security number, date of birth, and insurance claim information.” The August 26, 2024 letter claims that Young Consulting is unaware of the misuse of my information, but is providing notice of the breach with steps that I can take to protect myself.
Additional Information
What the August 26, 2024 Young Consulting letter does not explain is that over 950,000 individuals were affected by this breach. The breach was conducted by the BlackSuit ransomware group. Because Young Consulting refused to pay Blacksuit’s requested ransom, BlackSuit made the stolen information public. Not good.
Remedy Assistance
Young Consulting has provided a phone number to a help line and will answer any questions in regard to the data breach. Additionally, Young Consulting provides specific details about how to freeze your credit at the three major credit bureaus – TransUnion, Equifax or Experian.
Young Consulting is offering 12 months of complimentary credit monitoring services through Cyberscout, a TransUnion company. You can enroll in the program at www.mytrueidentity.com. The program gives you access to your TransUnion credit report, free monitoring alerts and identity theft insurance. You can even lock your credit at TransUnion with a click of a button. However, as I have explained in the past, locking and even freezing your credit with one credit bureau, will not protect you if a creditor opens credit through another credit bureau like Equifax or Experian.
You Have to Monitor
Based on all the data breaches in the last few years, it is obvious your personal information can’t be protected. Your information is already on the dark web. So, you have to make sure you monitor your credit and take the appropriate steps to protect yourself.