CGM, Inc., a software development and data processing company based in Roswell, Georgia, experienced a data breach, prompting the filing of a notice with the Attorney General of Maine. The breach, discovered on December 28, 2022, involved unauthorized access to CGM’s computer system, leading to the exposure of confidential consumer information, including names and driver’s license numbers. In response, CGM took immediate action by securing its network and collaborating with third-party data security specialists to investigate the cyberattack.
Upon confirming the unauthorized access and compromised data, CGM initiated the process of notifying affected individuals. On June 7, 2023, data breach notification letters were sent out to all individuals impacted by the incident. The letters provided details about the breach, the nature of the compromised information, and steps taken by CGM to address the situation. The breached information, varying for each individual, may include names and driver’s license numbers.
CGM, Inc. offers a Software as a Service (SAAS) solution, assisting wireless and broadband companies in participating in federal programs such as the Affordable Connectivity Program (ACP) and Lifeline Program. The company’s services involve subscriber eligibility determination, enrollment of low-income households, tracking agent and distribution activity, federal and state reimbursement calculations, and audit support. With over 25 employees, CGM generates approximately $6 million in annual revenue. The breach highlights the importance of cybersecurity measures to protect sensitive consumer data.
