Gateways Community Services Data Breach Exposes SSNs and More

Gateways Community Services, a non-profit organization that provides support services to individuals with developmental disabilities, brain injuries and autism in southern New Hampshire, disclosed a data breach involving Social Security numbers and other sensitive tax-related information.

According to the company's notification letter, the incident involved unauthorized access to employee W-2 forms. The company did not provide specific details about when the breach occurred, how it was discovered or what type of cyberattack led to the unauthorized access.

The personally identifiable information that may have been exposed included first and last names, home addresses, Social Security numbers, federal, state and local tax withholding amounts and the employer's Employer Identification Number.

The total number of people affected nationwide was not disclosed in the regulatory filing, although so far 29 Massachusetts residents were identified as affected.

Gateways Community Services' response to the breach

Gateways is offering affected individuals 24 months of complimentary single-bureau credit monitoring, credit report and credit score services through Cyberscout, a TransUnion company specializing in fraud assistance and remediation.

To enroll, individuals can visit the Cyberscout activation portal and enter the unique code included in their notification letter. Enrollment must be completed within 90 days of the date of the letter.

Beyond credit monitoring, the company is providing proactive fraud assistance through Cyberscout. This service is available to help affected individuals who have questions or who may become victims of fraud related to the incident.

For additional questions or concerns, affected individuals can call a dedicated toll-free line at 1-800-405-6108, available Monday through Friday from 8 a.m. to 8 p.m. Eastern time, excluding national holidays.

Steps to take if your information was exposed

• Place a credit freeze with all three credit bureaus to help prevent anyone from opening new credit accounts using the exposed Social Security number by contacting Equifax at 1-800-525-6285, Experian at 1-888-397-3742 and TransUnion at 1-800-680-7289.
• Request free credit reports at AnnualCreditReport.com and review them carefully for any accounts or inquiries that look unfamiliar.
• Obtain an IRS Identity Protection PIN at IRS.gov to prevent someone from using the exposed W-2 information to file a fraudulent tax return.
• File tax returns as early as possible each year to reduce the chance that a scammer uses the stolen tax data to file a fraudulent return first.
• Report suspected identity theft to the Federal Trade Commission at IdentityTheft.gov or by calling 1-877-438-4338, and consider filing a report with local law enforcement.
• Be cautious of phishing attempts that reference Gateways Community Services or this data breach by name, as scammers sometimes use breach notifications to trick people into sharing additional personal information.