In January 2024, Georgia Family Connection Partnership (GaFCP) discovered suspicious activity involving one of its employee email accounts, which led to further investigation. The organization took immediate steps to secure its email system and network and began collaborating with third-party computer specialists to assess the scope of the issue. The incident was reported to federal law enforcement authorities. By April 2024, the investigation confirmed that three employee email accounts had been accessed without authorization, prompting a comprehensive review of the affected accounts’ contents.
GaFCP’s investigation, which took several months, concluded in August 2024. During this review, the organization identified that personal information stored in the compromised email accounts could have been exposed. Although there was no evidence to suggest that any information had been misused, GaFCP decided to notify individuals whose data may have been impacted. The affected information potentially included personal details such as first and last names, along with other sensitive data, depending on the individual.
In response to the incident, GaFCP has taken several protective measures. The organization worked with third-party forensic specialists to thoroughly investigate the breach and strengthen its security systems. As a precautionary measure, GaFCP is offering affected individuals complimentary identity theft protection services through IDX, a reputable data breach recovery service provider. These services include credit and CyberScan monitoring, a $1 million insurance reimbursement policy, and identity theft recovery assistance, all provided at no cost to the individuals impacted by the breach.
GaFCP is also advising affected individuals on additional steps they can take to protect themselves from potential identity theft and fraud. This includes regularly reviewing account statements and credit history for any unusual activity. GaFCP encourages individuals to promptly report any suspicious transactions to their financial institutions and take advantage of the complimentary identity monitoring services offered. The organization has provided further guidance on protecting personal information and mitigating risks associated with the incident.
Reference:
