Another legal services vendor discloses a breach:
Compex Legal Services Inc. (“Compex”) recently discovered an incident that may have impacted the privacy of information related to certain individuals. Compex provides record retrieval and litigation support services to insurance carriers, third party administrators and law firms. As Compex continues to investigate and work toward notifying impacted individuals directly, Compex is providing information about the event, its response, and steps potentially impacted individuals can take to better protect against the possible misuse of their information should they feel it is appropriate to do so.
On April 17, 2024, Compex discovered suspicious activity on its network and promptly launched an investigation, with the assistance of third-party cybersecurity specialists, to determine the nature and scope of the activity. The investigation determined that Compex’s network was subject to unauthorized access starting on April 9, 2024, and that certain files were acquired by an unknown actor while on the network. Therefore, Compex is conducting a comprehensive review of the data determined to be at risk to assess what sensitive information is contained therein and to whom the information relates. Once this review is complete, Compex plans to mail notification letters directly to potentially impacted individuals for whom it has a valid mailing address. These letters will include resources that individuals can reference to further protect their information.
The types of potentially impacted information may include individuals’ names, date of birth, Social Security number, medical diagnosis and treatment information, medical record number and health insurance information. Compex encourages potentially affected individuals to remain vigilant against incidents of identity theft by reviewing their account statements and explanation of benefits for unusual activity.
Interested individuals can find additional information about the event at compexlegal.com.