Breach

Nearly 8,500 notification letters sent out in Metropolitan Companies breach

June 20, 2014

About 8,500 notification letters are being sent out to individuals employed by, or who submitted an application for employment to, New York-based The Metropolitan Companies, Inc. – alerting them that an unauthorized third party may have gained access to their personal information, including Social Security numbers.

How many victims? 8,423, a spokesperson told SCMagazine.com in a Thursday email. 

What type of personal information? Names, addresses, phone numbers, email addresses, Social Security numbers, dates of birth, past education, work history, and certain financial information.

What happened? An unauthorized third party gained access to Metropolitan Companies computer systems and potentially removed documents containing the data.

What was the response? Upon discovery, all access to systems was removed and outside data forensics experts conducted an investigation. Measures being taken to strengthen security include increasing firewall protections, and enhancing threat detection and monitoring capabilities. All impacted individuals are being notified, and offered a free year of credit monitoring and identity theft protection services.

Details: The incident was discovered on April 21. Metropolitan Companies includes Metropolitan Interpreters and Translators, Inc., Metlang LLC, Metropolitan Hospitality, Inc., CTI Metropolitan LLC, and Metropolitan Temporaries.

Quote: “At this time, we are not aware of any misuse of your information,” Steven Herfield, president and CEO of Metropolitan Companies, wrote in the notification letter.

Source: oag.ca.gov, “Metropolitan Companies notice,” June 18, 2014.

prestitial ad