Recently, the technology consulting firm Aditi Consulting announced a data breach stemming from what the company referred to as a “security event.” Details about the breach are still forthcoming; however, Aditi Consulting confirmed that the breach followed a “sophisticated cyber-attack.” As a result of this data breach, the names and Social Security numbers of more than 5,000 current and former employees and consultants were compromised.
Given the recency of this breach, little is known about what caused it and whether there was anything that could have been done to prevent it. However, data breaches such as this one can occur in a variety of different ways. In many cases, data breaches are the result of a hacker breaching an organization’s network with the intent of accessing—and potentially obtaining—sensitive consumer information. While there is no telling why Aditi Consulting was the target of this recent cyberattack, it is common for hackers to target companies that have weak data-security systems.
After an unauthorized party gains access to a company’s network, they may remove any consumer information located on the network. Due to technological limitations, however, most companies cannot identify exactly which parties’ information was accessed or whether the hacker removed any of the accessible data. All a company can tell consumers is that their information was accessible by an unauthorized party. Regardless, those whose information is compromised in a data breach are at a much higher risk of identity theft. Given these risks, it is important for those who received a data breach letter from Aditi Consulting to take the appropriate steps to protect themselves and enforce their rights as consumers.
Those in receipt of a data breach letter from Aditi Consulting should make themselves aware of the risks data breaches present and take the steps necessary to limit another’s ability to steal their identity. Of course, the fact that your data was among that which was accessible doesn’t necessarily mean the unauthorized party will steal your identity or use it for other criminal purposes. However, often that is exactly their intention. This has especially been the case since the beginning of the COVID-19 pandemic, which presented an opportunity for many hackers to take advantage of companies as they dealt with a host of other issues unrelated to cybersecurity.
However, companies like Aditi Consulting have a duty to protect consumer data, regardless of the surrounding circumstances. If evidence emerges that your sensitive information was mishandled leading up to the breach, you may be eligible for financial compensation through a data breach lawsuit.
Are Consumers Impacted by the Aditi Consulting Data Breach Entitled to Financial Compensation?
When you decided to work with Aditi Consulting, you provided the company with your personal information, and you trusted it would keep your information secure. Certainly, anyone in your position would have done the same thing. However, news of this data breach raises some concerning questions about the adequacy of the company’s data security measures.
All companies have an ethical and legal obligation to ensure the sensitive employee information in their possession remains private. And, while developing and maintaining an effective data security system is burdensome, it is a necessary cost of doing business in an environment where the threat of cyberattacks is constant.
United States data breach laws permit consumers to hold companies liable for the misuse of or negligently handling of their data. However, these laws are very complex, and news of the Aditi Consulting data breach is still fresh. Thus, for now, there is not yet any evidence indicating that Aditi Consulting bears responsibility for the cyberattack. However, that could change, as our data breach lawyers are looking into the breach to determine what legal remedies consumers may have against the company.
If you have questions about your ability to bring a data breach class action lawsuit against Aditi Consulting, you should contact a data breach attorney as soon as possible.
What to Do if You Received a Data Breach Notification from Aditi Consulting
If Aditi Consulting sent you a data breach letter, it means that you were among those whose personal data was accessible in the recent data breach. This means that a total stranger—possibly a criminal—could have accessed, viewed, and stolen your information. While no one can be sure why a hacker would want your information or what they wanted to do with it, the situation certainly justifies a certain amount of caution on your part. Given the risks involved, it is essential that you remain vigilant to protect yourself from the increased risk of identity theft by taking the following steps:
About Aditi Consulting
Aditi Consulting is a technology solutions company that provides Project Solutions, as well as “Talent on Demand” services. The company’s Talent on Demand service connects businesses with qualified applicants and handles much of the interview and selection process. Through this service and the others it provides, Aditi Consulting aims to help its corporate clients accelerate growth by meeting their unique staffing and technological needs. Aditi Consulting has 60+ clients in the Fortune 500 and operates in all 50 states. The company has more than 700 consultants on staff and has worked on over 300 projects to date.
The Details of the Aditi Consulting Consumer Data Breach
According to the most recent filings by Aditi Consulting, on December 14, 2021, the company noticed suspicious activity on some of its computer systems.Aditi Consulting investigated the activity, confirming that the company’s network was the subject of a “sophisticated cyber-attack.” As a result of the breach, the names and Social Security numbers of 5,216 current and former employees and consultants were accessible to the unauthorized party on December 9, 2021.
Subsequently, Aditi Consulting began sending out written notice of the breach to all affected parties. In these letters, the company describes what occurred and lays out a few steps employees and consultants can take to protect themselves. While Aditi Consulting cannot confirm that any of the compromised information was used by the unauthorized party, the company encourages those who received a data breach letter to keep a lookout for any signs of identity theft, fraud, or other unauthorized activity.
Below is a copy of the initial data breach letter issued by Aditi Consulting (a sample of the actual notice sent to consumers can be found here):
Dear [Consumer],
Aditi Consulting (“Aditi”) writes to inform you of an incident that may affect the security of some of your information. We are providing you with an overview of the incident, our response, and steps you may take to better protect yourself, should you wish to do so.
What Happened? On December 14, 2021, Aditi identified suspicious activity related to certain computer systems, and subsequently discovered our network was the target of a sophisticated cyber-attack. We moved quickly to secure the network, and began an investigation with the assistance of third-party computer specialists to identify what happened and confirm what information may have been involved. While our investigation is ongoing, to date, we determined that certain documents containing information relating to current and former employees and/or consultants, including you, were taken from our network by an unauthorized actor on or about December 9, 2021.
What Information Was Involved? The information that was impacted includes your name and Social Security number.
What Are We Doing? Following this incident, we took immediate steps to secure our environment and increase our security posture moving forward. To help you protect against potential misuse of your information, we are offering you free credit monitoring services through Experian for one (1) year, and encourage you to enroll yourself in these services. If you would like to enroll in the free credit monitoring services, please follow the instructions below. Please note, you will need to enroll yourself in the services if you would like to do so, as we are unable to enroll you on your behalf.
What Can You Do. We encourage you to review the enclosed Steps You Can Take To Help Protect Your Information for additional guidance on what you can do to better protect against the possibility of identity theft and fraud, should you feel it is appropriate to do so. You may also activate the complimentary credit and identity monitoring services we are offering.
For More Information. We understand that you may have questions about this incident that are not addressed in this letter. If you have additional questions, please call our dedicated assistance line at (866) 579-4428. Please be prepared to provide Engagement Number B023601 upon calling.
We sincerely regret any inconvenience or concern this incident has caused.
