When in doubt, notify. Even if you suspect that it may be a vendor and not your firm that’s been breached – particularly if it’s the FBI or Secret Service that comes knocking on your door to alert you that you may have been breached.
CICS Employment Services Inc is notifying an undisclosed number of individuals that their information may have been accessed without authorization. The firm provides investigative and background checks in Oregon.
I am writing to inform you of an incident that may affect the security of your personal information. We were recently notified by the Federal Bureau of Investigation (the FBI) that personal information we processed regarding an application you made for employment may have been accessed without authorization. This information included your name, address, date of birth and Social Security number. We do not know how or when the alleged unauthorized access may have occurred. The FBI’s forensic examinations of relevant portions of our computer network, database and third party storage provider revealed no evidence of any compromise. However, because of the credible nature of the alleged unauthorized access, we are taking the notification seriously and informing you. Out of an abundance of caution, and at our expense, credit monitoring services will be provided to you as explained below.
In addition to the FBI’s forensic examination, we launched our own investigation into this matter. We immediately engaged the services of an independent forensics investigation firm to determine whether CICS’ security had been compromised. The forensic examinations revealed no evidence that our network or database have been compromised. To ensure the security of all personally identifiable information (PII) in our database, however, and due to our concerns about it being a vendor related breach, we changed web hosts and have ensured that all PII contained in our network is encrypted and secure. The FBI’s investigation into this matter is ongoing, and we are providing any assistance they might need.
Read their full notification letter on the California Attorney General’s web site. The firm has not responded by publication time to an inquiry asking them how many individuals have been notified and if the FBI had any evidence that the information had been misused for identity theft.
I believe this company to be nothing but scam artists. My wife received this letter and has not made ANY applications for employment in the last decade if not longer. At worst this company is bogus and, at best they wrote an alarmist letter that should be filed with the FBI and/or investigated for credibility. I will be on the telephone tomorrow afternoon to investigate this place myself. I plan to submit a copy of this letter to our State authorities also for investigation.
We don’t need this kind of scare tactic along with marketing on their behalf! This kind of thing has to be stopped!
Sincerely, Dave Pitzer
Dave: They’re registered in Oregon, and have been since 2001. Details here on the state’s web site:
http://egov.sos.state.or.us/br/pkg_web_name_srch_inq.show_detl?p_be_rsn=869348&p_srce=BR_INQ&p_print=FALSE
Companies generally do not want to send notifications if they don’t have to, so if they’re writing to your wife, it’s very likely the FBI found your wife’s info in a criminal’s possession and traced it back to a CICS investigation. Why not just ask CICS when they did a report on your wife and for whom?
Good luck.
I agree with Dave on this one. My mother recieved one and did no signing/registering for any employment agencies. I find this to be a well thought scam and they are trying to hard.
Also “Dissent”…
“Suck my ass…”
I think you have misunderstood what the company does. If your mother applied for a job and the company/office/entity where she applied has a contract with CICS to run background checks on potential employees, CICS’d have her information. CICS is not an employment agency. They’re an investigative firm. Your mother would never have known what company the employer/potential employer used to run a background check on her.
I called the FBI… they have NO part of this letter that is going out to the random receivers
Agree – I feel like it is a scam as well. They sent me this very same letter, and I didnt put my social security number anywhere for a place of employment.
If you’re sure you never ever gave a potential employer your SSN, ask CICS how they wound up with your information. They might have gotten your SSN – even if you didn’t provide it to a potential employer – if they ran a consumer credit report check on you as part of their background investigation at a potential employer’s request.
I got the letter also and it seems like a way for allclearid.com to make money. it could be legit but is not convincing.
I agree–it clearly says that All Clear ID will require you to give “your personal information”. If they had all this info and it was hacked, they should have all this info. I shouldn’t have to furnish it again. Scary when you don’t know who to trust any more.
CICS contracts with AllClear – a well-known company, by the way – to provide services. They do not give them any personal info, though, as that would be an unauthorized disclosure. If you want the service, you contact AllClear and give them your info. Nothing shady about it.
My husband received one of these letters and I thought the same thing as some of you – he hasn’t used an employment service so this must be a scam. BUT… then I looked at the info we received from the Archdiocese of Portland last year after learning that my husband and many others we knew had fraudulent returns filed early in the tax season. Sure enough, CICS is the service that the Archdiocese used for its employee, parent and volunteer background checks up until last April. Due to the large number of people affected, the FBI has been looking into the process since then – I’m guessing this is result of that investigation.
You may be on to something with that connection. Thanks for posting that!
I got the same letter and I had my taxes fraudulently filed last year also. I’m from the Hillsboro area. Its definitely not a coincidence.
I also had a fraudulent tax return filed early last year and just received a letter from CICS this past week. They told me someone used my ID to apply for a job at Eastside Catholic School. I called EC and they told me a few others had called because they had received the same letter from CICS. They also said they have not used that company for background checks in over a year. It definitely sounds like there is a connection with this letter and fraudulent tax filings.
I think it’s scam. On the comment of mother who actually hasn’t apply for the job, dissent is answering that prospective employeer is seeking information. It’s irrelevent respond
Well my girlfriend just got the letter and called the FBI to be sure. Its real. The notice is not a fraud. Call the FBI if you want to see for yourself
Did anyone read the back of the letter…. the numbers for the free credit reports are legit Perhaps they should call one of the credit agencies….
It is not a scam, CICS is a legitimate screening company in Oregon. I would recommend you call them to find out who they screened you for (their client that placed the order.)
When I spoke with them, they said their records that were compromised were from 2005-2009. When I asked who ordered my screening it turned out it was for a previous employer back in 2007.
I was a victim. But for some reason I felt something wrong here.
I received the letter and was concerned that is was a scam as I have been self-employed for years. Yet my taxes were filed fraudulently last year and it was a huge hassle. I will follow up and contact the CICS call center number.
Not fake.. Called CICS and they have been holding on to my info including my SS number for 10 years!! The letter was sent to my parents house using their old contact info.. Ive moved twice, got married, and had two kids since the company I applied for requested a background check using CICS… TALK ABOUT RECKLESS
I just received a 1099 fraudulent tax return… I’ve tried talking to the IRS and they say I need to wait for the company who did the tax return(Amazon) to do their investigation…Anyone know of a good tax attorney? or suggestions? Thank you. Class action lawsuit anyone?
I don’t permit commenters to advertise services on this blog, so you won’t get any help with your first question here. If you received a fraudulent/inaccurate 1099, and you’ve already alerted the IRS, then you should place fraud alerts on credit reports from Experian, Equifax, TransUnion, and Innovis. If you contact one of the big 3, they’ll contact the other 2. I’m not sure they contact Innovis, though. See, for example: https://www.experian.com/fraud/center.html
Also request a copy of your credit report from each of them.
If you don’t need to apply for new credit in immediate future, put a credit freeze on your reports. If you indicate that you’re already an ID theft victim, there generally won’t be any fees for that.
The other thing you should do is file a police report and record the complaint number for your files. To help you prepare that report, file a complaint with the FTC, which becomes an affidavit: http://ftc.gov/complaint.
The FTC provides good information on what to do and links to other agencies where you can get info and help:
http://www.consumer.ftc.gov/blog/network-id-theft-victim-assistance-coalitions-here-help