Only Employees Affected in My Life Foundation Internal Breach
Table of Contents
- By Steven
- Nov 18, 2022
The My Life Foundation is a foundation dedicated to bettering the lives of individuals with intellectual disabilities. It works to help them get jobs and better their quality of living. Recently, My Life announced a data breach that affected what seems to be current and former employees.
How Did the Attack Occur?
We’ve all got our odd work stories, but we think this one will take the cake. My Life president, David Bunker, sent notification letters to all affected employees. The letters said, “My team and I suspected that a former employee, Tim DeHaven, and then-current employee, Erik Duzell, Sr., were conspiring to steal company files from My Life Foundation by improperly using their position and access to illegally provide 3D Supports, LLC unauthorized access to employee information.” Later, the company found text messages between the two in which they admitted to stealing files, thus launching My Life’s investigation.
What Information Was Viewed or Stolen?
The stolen information varied depending on the individual, as with many breaches.
- TASC (Total Administrative Services Corporation) account numbers
- Phone numbers
- Full names
- Social security numbers
- Last four digits of credit cards
- Bank account numbers
- Personal emails
- Addresses
- Banking institution
How Did My Life Admit to the Breach?
My Life admitted to the breach by sending notification letters to affected individuals. The letters outlined the affected information, the steps the foundation is taking to prevent further issues, and how it is helping the victims. The My Life Foundation also notified the California Attorney General’s Office. “We hired a third-party cyber security company and outside counsel to determine the nature and scope of the incident and obtain a court order to return all of the employee information,” it read. “We will continue to assess any additional actions needed to protect our employee information.”
What Will Become of the Stolen Information?
Luckily, the victims do not have a high chance of identity theft or fraud. The My Life Foundation discovered the breach soon after it occurred, resulting in the unemployment of Erik Duzell, Sr. “In September 2021, we discovered that Erik had accessed Tim’s files and downloaded them to his computer; during our interview about his actions, he wiped his computer clean,” said the notification letter. “As a result, the Superior Court of California, Los Angeles County granted My Life Foundation a court order requiring the return of all MLF documents. In response to the court order, 3D Supports LLC provided a significant amount of data that included personal information.”
What Should Affected Parties Do in the Aftermath of the Breach?
For many data breach victims, finding reliable help for the circumstances can be challenging. However, there are tons of resources available to affected individuals. The My Life Foundation offered complimentary credit monitoring services to the victims, which recipients of the letters will find was outlined. There are also state hotlines that you can call to report identity theft or other breach-related issues.