Brattleboro Retreat and its legal partner Downs Rachlin Martin PLLC (DRM) reported an incident involving the theft of a laptop containing potentially sensitive personal information. The laptop, used by a DRM attorney, was stolen from a car. Although DRM’s security software initiated a remote wipe on April 7, 2024, the possibility remained that some data could have been exposed. The Retreat and DRM launched a detailed investigation to assess the information at risk and identify individuals potentially impacted by the event.
The investigation revealed that the stolen laptop may have contained various types of personal information, though specifics vary by individual. DRM emphasized that there is no evidence of identity theft or fraud resulting from the incident. Nevertheless, both organizations prioritized transparency by notifying affected individuals and providing clear guidance on how to protect their information. These notifications were coordinated between DRM and Brattleboro Retreat to ensure timely and accurate communication.
To address the incident, DRM took several measures, including reporting the theft to law enforcement, implementing remote data-wiping protocols, and conducting a comprehensive review with data privacy specialists. The organization also reinforced its data security practices among employees to prevent similar incidents in the future. Brattleboro Retreat and DRM have offered impacted individuals 24 months of complimentary credit monitoring and identity theft protection services through Experian, underscoring their commitment to mitigating potential harm.
Both organizations encourage individuals to remain vigilant against identity theft and fraud by monitoring account statements and credit reports for unusual activity. Additional resources and guidance are provided in the notification letters sent to affected individuals. For further support, individuals can contact DRM’s response team directly. Brattleboro Retreat and DRM expressed regret over the inconvenience caused by the event and reaffirmed their dedication to maintaining the privacy and security of personal information.
Reference:
