CGM Data Breach: Know Your Rights

What Happened?

On December 28, 2022, CGM, Inc. detected unusual activity in its information technology network. The company initiated an immediate investigation to understand the nature and scope of this activity. It was determined that between December 15, 2022, and December 28, 2022, an unauthorized actor may have accessed sensitive data stored on CGM’s systems.

A thorough review was conducted to ascertain the specific data that was potentially compromised. This review concluded on March 23, 2023, revealing that sensitive information including driver's license numbers, government-issued ID numbers, financial information, medical information, and health insurance details were possibly accessed. Notifications to the affected individuals began in April 2023, following the approval from data owners, with the process extending into December 2023 for comprehensive identification and notification.

For more detailed information, you can view the full disclosure on the Maine Attorney General's website, the Texas Attorney General's website, and the California Attorney General's website.

Immediate Actions Taken

Upon discovering the breach, CGM, Inc. took actions to secure its systems and mitigate any potential damage. The company engaged with federal law enforcement to report the incident and began an extensive investigation with the help of third-party cybersecurity experts. To prevent future breaches, CGM has since enhanced its security measures and is reviewing and updating its policies and procedures related to data protection.

What This Means for You

If you are among the 315,346 individuals in the United States affected by this breach, it is crucial to remain vigilant. CGM, Inc. has offered 12 months of free credit monitoring through Equifax to help protect against potential identity theft. Affected individuals are advised to monitor their account statements and credit reports closely for any unusual activity.

Steps to Protect Yourself

1. Register for Credit Monitoring: Activate the complimentary service offered by CGM by visiting Equifax and entering the provided activation code.
2. Monitor Your Accounts: Regularly check your financial account statements and your credit reports from the three major credit bureaus—Equifax, Experian, and TransUnion. You are entitled to a free credit report every year from each bureau, accessible at AnnualCreditReport.com.
3. Place Fraud Alerts and Credit Freezes: Consider placing a fraud alert or a credit freeze on your credit reports to make it harder for identity thieves to open accounts in your name. This can be done for free by contacting the three major credit bureaus.

Additional Resources

For more guidance on how to respond to this data breach, or if you suspect identity theft or fraud, you can contact the Federal Trade Commission through their website at IdentityTheft.gov. It's also advisable to report any identity theft to your local law enforcement or your state's Attorney General's office.

Your proactive steps in monitoring and protecting your personal information can significantly reduce the risk of identity theft and its potential impact on your life.