application/pdf 2009-01-12T10:43:29-06:00 7 Hack reveals personal information about names, addresses, Social Security numbers and dates of birth of over 92,000, including 325 Maine residents 20080818-InterActive_Financial.pdf ‘: l J ii • • ° "` ia py as Iiiterfe Financial Marketing Group August 18, 2008 CONSUMER PROTECTION Dl\/lSlON Office of the Attorney General ii Consumer Protection AUG 2 2 mma Attn: Linda Conti Augusta, ME 04333 Re: Security Breach State A gency Notice Dear Ms. Conti: Pursuant to Maine Stat., Tit. 10, §l348, lnterActive Financial Marketing Group, a division of Dominion Enterprises located in Richmond, Virginia, is writing to notify you of a security breach that involves the infomation of Maine residents. InterActive Financial Marketing Group acts as a lead generation source for automobile dealers who finance the sale of their motor vehicles to consumers in various states, including Maine. On various dates between November 2007 and February 2008, an unknown and unauthorized third party hacked into and gained access to one of our computer servers. This server is used to store information we receive from consumers through our websites. The illegally accessed electronic data includes the names, addresses, birthdates, and social security numbers of our consumers. No consumer credit card account information was stored on the illegally accessed sewer. The number of Maine residents affected is 325 as of the date of this notice. We have sent, or will soon send, notice of this security breach to all identified consumers. A copy of our consumer notice letter is enclosed with this letter. We are also notifying each ofthe three nationwide credit reporting agencies about the timing, content, and distribution of our consumer notices. We have engaged a computer security and forensics expert to help investigate the scope, nature and cause of this unauthorized intrusion into our computer server. We have implemented enhanced network configuration, database, and software security measures and will continue to devote resources to prevent a similar security breach in the future. None of our consumers has informed us that any third party has made unauthorized use of their infomation as ofthe date of this notice, but we are offering all identified consumers access to credit monitoring services for one year at our expense. Our consumer notice Eetter also supplies those people with a toll—free telephone number and our contact information if they have any further questions or want additional assistance. l 14 Virginia Street Richmond,VA 232l9 ph 804.225. I 880 tax $04225.1885 www.carloan.eoin www.autoloan.com l 800—Aut0-Loan www.lnterActivet`mg.com gh You - · a atiittat tt»at»sri ) lvmkedng Group Please contact Rich Crawford at (7*57) 35 l—8093 if you have any questions regarding this letter. ? / lZn Financial Mar eting Group J7 t Enclosure i ` i RC/kai t 14 Virginia Street Richmond,\/A 232l9 ph 804.2%.1880 fax 804.225.l885 www.csarloan.coin wwv»·.autoloan.com 1800-Auto—Loan www.lnte1·Activet`mg.com I | • " InterAct1ve Financial Marketing Group August 19, 2008 You previously submitted your personal information to lnterActive Financial Marketing Group ("lFMG") through carIoan.com. l am writing to advise you of an incident that may affect your per- sonal information. Between November of 2007 and February 2008, an unknown third party gained access to one of our computer servers without authorization. This server was used to store information we receive from applicants through our websites. The illegally accessed data includes the information you pro- vided on your credit application, such as your name, address, birth date and social security number. We have investigated the scope, nature and cause of this unauthorized intrusion into our computer server. We have implemented additional security measures and will continue to devote ali avail- able resources to prevent this type of event from occurring in the future. We do not know whether your information has been illegally used, but your information may have been accessed. IFMG is advising you of this incident so that you may take steps to guard against any potential risk resulting from this incident. As a precaution, to help you detect any possible misuse of your data, IFMG has arranged for you to enroll in credit monitoring for one full year, at no cost to you. Specifically, we have engaged Con- sumerlnfocom, Inc., an Experian® company, to provide you with its Triple Alertsm product which in- cludes, among other offerings, daily monitoring of your credit report from all three nationwide credit reporting companies (Experian®, Equifax®, and TransUnion®), email alerts of key changes to your credit reports, tolI—free access to a dedicated team of fraud resolution representatives, and $25,000 Identity Theft Insurance provided by Virginia Surety Company, Inc. (Due to New York state laws restrictions, identity Theft insurance and Guarantee coverage cannot be offered to New York residents. All other benefits of Triple Alert are available to you.) The free credit monitoring product must be activated within 90 days of the date of this letter. To sign up, please visit [’]@gj_Q§§§Q_@QQ_[]_§Q§”_Q_Q[i_lQl_[Q_,_QQmj]_E[§{i§3_ and enter your individual activation code provided below. Please keep in mind that once activated, the code cannot be reused. You will be instructed on howto enroll in your complimentary credit monitoring product. lf you sign up, all credit reports and alerts will be delivered via email. ‘ Your Single Use Credit Monitoring Activation Code: _ i lf you have any questions, you may call the dedicated Privacy Help Line at 866-578-5407. Our repre- sentatives will be available to assist you Monday through Friday, between 6 a.m. and 6 p.m. PT. Regardless of whether you eiect to enroll in the credit monitoring product, IFMG strongly recom- mends that you remain vigilant and regularly review and monitor your credit reports and account statements to guard against any unauthorized transactions or activity. if you detect any suspicious activity on an account, you should promptly notify the financial institution or company with which the account is maintained. You also should promptly report fraudulent activity to proper law en- forcement authorities, including the Federal Trade Commission. You can learn more about how to protect yourself from becoming a victim of identity theft at the FTC’s website: i1ttp,·;;yw.yw.ftc.gcxr; 1;:careduAmtcroaitesri,otiiett1- ` You are also entitled under U.S. law to one free credit report annually from each ofthe three major credit bureaus. To order your free credit report, visit www.annuaicreditreport.coni or call toll-free (877} 322-8228. Or you may obtain a free credit report by calling any one of the three national credit reporting companies at the following tollfree numbers: Equifa><® at {800) 685-1111; Ex- perian® at (888)397—3742; and TransUnion® at (800) 916-8800. ln addition to obtaining a free credit report, you may contact any of the three national credit report- ing companies to place a “fraud alert" on your consumer credit file. This will alert creditors to take additional steps to verify the identity of anyone who applies for credit in your name. There is no charge for placing a fraud alert on your consumer credit files. The contact information of the na- tional credit reporting companies for purposes of placing a fraud alert on your account is: Equifax Experian Transunion P.0. Box 105069 P.O. Box 1017 P.0. Box 6790 Atlanta, GA 30348-5069 Allen, TX 75013 Fullerton, CA 92834 (800) 525-6285 (888) 397-3742 (800} 680-7289 ‘ htt : www.equifax.com htt ://www.ex erian.com http://www.transunion.com These credit reporting agencies can also provide you with information about the steps you can take if you also want to place a security freeze on your credit file and the cost for doing so. Protecting the privacy and security of your information is extremely important to us. IFMG wishes to reiterate that it has not learned about any misuse of your personal information at this time and that IFMG is tak- ing appropriate remedial steps, including enhancing security protocois. On behalf of IFMG, I apologize for any inconvenience or concern that this matter may cause for you. As noted, if you have any questions, please feel free to contact the dedicated Privacy Help Line at 866-578-5407, which has been established to assist you. Thank you very much. Sincerely, .t-t-— 1;; .t.— i r ~.,.c.,, r ul.- Rich Crawford lnterActive Financial Marketing Group 980 true 325 1 key-1jdj32w4fxfbfs6hy20s 10158793 316332 2008-08-18T10:00:00-05:00 2009-01-23T09:54:43-06:00