Recently, furniture retailer American Freight, LLC (“American Freight”) suffered a data breach from an unauthorized party accessing employee email accounts. Although the breach occurred in November and December 2020, the company only recently sent data breach notification letters on August 23, 2021. In this letter, American Freight describes the information accessed by the third party, which may include: full names, addresses, bank account numbers, credit card numbers, security codes, PINs, passwords, and access codes. Essentially, any information contained in an email or an attachment located in any of the hacked email accounts has been compromised. This is exactly the type of data breach that can result in a consumer being the victim of identity theft or other financial loss.
Too often, people ignore data breach notifications because they assume it can’t happen to them. However, in recent years, cases of identity theft have increased. If you’ve recently received a data breach letter from American Freight, it’s essential that you treat the situation with the seriousness it deserves. In addition, you may be entitled to financial compensation in a data breach legal action if it appears that American Freight has mismanaged your data leading to the breach.
Can Data Breach Victims Hold U.S. Freight Financially Responsible?
Have you ever thought that by entrusting your business to American Freight, you would be handing over your personal information to a complete stranger? Probably not. As a customer, you expect businesses to protect your sensitive information.
Indeed, companies like American Freight have a legal obligation to protect your personal, identifying and financial information. If a business isn’t protecting your data, you can take data breach lawsuit against the business. Of course, data breach and consumer privacy laws are complex, and it’s too early to tell if American Freight could have done more to prevent the data breach. However, our data breach law firm is currently investigating whether there is a possible data breach class action lawsuit against American Freight, LLC. If you have any questions about your ability to bring an American Freight class action lawsuit, it is important that you contact a data breach attorney as soon as possible.
What to do if you receive a US Freight Data Breach Letter
If American Freight, LLC has sent you a data breach notification letter, it’s important that you take a moment to think about what just happened. An unauthorized person gained access to an American Freight employee’s email account. Your personal information is contained in one of the emails or in an attachment. It is not clear why the third party searched for your data; however, you cannot rule out the possibility of criminal intent. While receiving a data breach letter isn’t a guarantee that you’ll be a victim of identity theft, it’s worth taking steps to protect yourself. Below are some ways to protect yourself against identity theft and other possible financial risks that can arise from a data breach:
Read American Freight’s data breach letter carefully to determine what information is available to you;
Make a copy of the letter for your records;
Sign up for the free credit monitoring service provided by American Freight, LLC;
Change the passwords of all your online accounts;
Frequently check your credit card and bank accounts for signs of suspicious activity, fraud or identity theft;
Monitor your credit report for any unexpected changes that could be a sign of identity theft;
Contact one of the major credit bureaus and ask them to add a fraud alert to your account; and
Notify your banks and credit card companies of the data breach.
About American Freight, LLC
Founded in 1994, American Freight is a furniture retailer based in Delaware, Ohio. The company was founded to meet the needs of hardworking families who were looking for reasonably priced furniture options. The company has grown rapidly, and as of 2014, it operated 95 stores in 18 states. In 2020, American Freight partnered with Sears Outlet and FFO Home to create the new American Freight Company. American Freight currently operates more than 350 locations in 40 states and Puerto Rico. American Freight generates approximately $ 145 million in revenue each year.
The details of American Freight, LLC’s consumer data breach
According to official sources, on June 11, 2021, American Freight first reported a data breach that allegedly compromised the personal information of more than 36,000 consumers. Obviously, around this time, American Freight realized that an unauthorized party had gained access to the email accounts of a small number of employees. American Freight investigated the incident and it was determined that any information in an employee’s email account, or an attachment to an email, was accessible by the unauthorized third party. This information includes full names, addresses, bank account numbers, credit card numbers, security codes, PINs, passwords, and access codes. It was also discovered that the data was accessible to the third party between November 24, 2020 and December 9, 2020.
Below is a copy of the data breach letter issued by American Freight, LLC (the actual notice sent to consumers can be found here). The copy below is unedited.
American Freight, LLC and its subsidiaries and affiliates, including American Freight Outlet Stores, LLC (“American Freight”), understand the importance of protecting and securing the personal information we maintain. I am writing to inform you of an incident which may have involved some of your information. This notice explains the incident, the actions we took, and some actions you may consider taking.
The investigation determined that an unauthorized person had access to the content of the accounts at various times between November 24, 2020 and December 9, 2020. The investigation did not determine whether the unauthorized person had viewed the content of the accounts. mailbox in question. We searched the contents of the accounts to identify documents containing personal information that may have been viewed or acquired and on June 11, 2021, we determined that an email or attachment contained your
Visit https://enroll.krollmonitoring.com to activate and enjoy your identity monitoring services. You have until November 2, 2021 to activate your identity monitoring services. Membership number:
Your trust and confidence are important to us, and we regret any inconvenience or concerns this incident may cause. To help better protect against an incident like this, we are taking steps to improve our existing security protocols and re-educate our staff to be aware of these types of incidents. If you have any questions, please call 1 – ??? – ??? – ????, Monday through Friday, 8:00 a.m. to 5:30 p.m. Central Time, excluding certain public holidays in the United States.