On July 17, Dell & Dean’s external counsel informed the Maine Attorney General’s Office about a data breach that occurred in September 2022, affecting 6,803 individuals. The breach, which was discovered on September 29, 2022, led to a significant compromise of the firm’s server infrastructure, causing systems to go offline. Dell & Dean initiated efforts to restore their systems and engaged a forensic investigation firm to assess the extent of the breach and identify impacted individuals.
The investigation revealed that unauthorized access to Dell & Dean’s systems occurred around September 28-29, 2022. The forensic team identified certain files that may have been accessed or acquired during the incident. The firm conducted a comprehensive manual review of these files to determine which individuals’ personal information was involved. This review process was completed by May 30, 2024.
Dell & Dean’s notification to affected individuals has been delayed by nearly 21 months. The firm has assured that they have taken steps to confirm that the compromised data is no longer in possession of the third parties involved. They are offering 12 months of complimentary mitigation services through Equifax to those affected, encouraging enrollment to safeguard against potential risks.
The notification letter raises concerns about the delayed communication and whether it might influence the recipients’ response to the mitigation services offered. While Dell & Dean has emphasized the precautionary nature of their notification, the delay in informing affected individuals may lead to questions about the adequacy of their response and the effectiveness of their offered services.
Reference: