Mashka | Shutterstock

According to a story in Cybernews, Chemonics has revealed that the personal information of more than 263,000 was exposed in a data breach that began on May 30, 2023. Chemonics says they discovered suspicious activity on certain user accounts on December 15, 2023. They immediately activated their response protocols including password resets and disabling impacted accounts. An investigation was conducted with cybersecurity experts to determine the nature and scope of the breach. They also notified their clients and appropriate law enforcement. Letters were sent to the individuals exposed along with the offer of two years of identity protection services. A dedicated call center was also set up to provide support to impacted individuals.

This can happen to any firm. Timely mitigation, disclosure and notification of the data subjects are essential and required by data privacy laws. USAID and Federal law enforcement agencies take data breaches seriously, especially of this magnitude and if they involve the personal information of government employees. Quick action to protect the individuals impacted is essential. Offering identity protection to victims is helpful. Keep in mind that such services are not as effective outside the U.S. as each country has different laws, regulations, and banking systems that do not lend themselves to ready monitoring and notification.

 

 

Read the Cybernews story here.