Perry Johnson, Inc. recently informed individuals about a potential data security incident that may have affected the security of their personal information. While there is currently no evidence indicating that identity theft has occurred as a result of this breach, PJI is reaching out to provide transparency regarding what happened, what actions are being taken, and the complimentary identity monitoring services being offered to impacted individuals. The company emphasizes its commitment to addressing the situation and protecting the personal information of those who may have been affected.
The incident occurred while PJI was providing administrative and technical support to certain companies, including organizations where individuals were employed, contracted, or served as vendors. Between March 27, 2023, and May 2, 2023, an unauthorized actor gained access to PJI’s systems, prompting the company to notify law enforcement and launch an internal investigation. To assist in this effort, PJI engaged a cybersecurity firm to contain the threat, investigate the breach, and determine the scope of the incident.
On June 14, 2024, the cybersecurity firm preliminarily concluded that some personal information was included in the affected systems. The investigation continued until June 26, 2024, but it could not definitively establish whether the data of employees, vendors, or contractors had been accessed or acquired. Despite this uncertainty, PJI opted to inform those whose personal information was present in the compromised systems as a precautionary measure, demonstrating the company’s dedication to transparency and consumer protection.
In response to the incident, PJI has been evaluating its notification obligations and taking steps to inform potentially impacted individuals. The company is actively assessing its cybersecurity controls to enhance its security measures and reduce the risk of similar incidents occurring in the future. As an added precaution, PJI has secured the services of IDX to provide complimentary identity monitoring services for 24 months, which include credit and CyberScan monitoring, a $1 million insurance reimbursement policy, and fully managed identity theft recovery services. Individuals are encouraged to enroll by November 23, 2024, to take advantage of these protective measures.
Reference: