HRC Data Breach Exposes Sensitive Info Including Social Security Numbers

The October 2023 Data Breach

On October 31, 2023, Human Resource Concepts, LLC d/b/a HRC Total Solutions experienced a security incident where an unauthorized individual gained access to sensitive personal information. This breach occurred when the perpetrator successfully impersonated certain Gordon College employees by providing HRC with their account security credentials. Upon discovering the breach, HRC promptly informed Gordon College and initiated a thorough internal investigation to assess the extent and nature of the breach.

Information Exposed

During the breach, the following types of consumer information were potentially accessed:

• Name
• Date of birth
• Social security number
• Financial account information
• Tax identification number
• Medical information

HRC Total Solutions' Response

In response to the data breach, HRC has taken several steps to secure its systems and support affected individuals. The company immediately locked the impacted accounts and coordinated with Gordon College to arrange video conferences with affected account holders before unlocking the accounts. More complex password requirements have been implemented to enhance account security. Additionally, HRC has reported the incident to the Manchester Police Department and updated its policies and procedures related to account holder screening. Ongoing reviews and enhancements to these policies are planned to further strengthen security.

HRC is also offering affected individuals access to Single Bureau Credit Monitoring, Single Bureau Credit Report, and Single Bureau Credit Score services at no charge for 24 months. These services include alerts for changes in credit files, identity theft insurance up to $1,000,000, and proactive fraud assistance through Cyberscout and Identity Force. Enrollment details and more information can be found on the Identity Force website.

Steps to Take if You Are Affected

If you believe your information may have been compromised in this breach, it is crucial to take immediate action to protect your identity and financial health:

1. Change passwords for all financial accounts as a precaution.
2. Remain vigilant by monitoring your account statements and credit reports for any unauthorized or suspicious activity.
3. Consider placing a fraud alert on your credit files, which makes it harder for identity thieves to open accounts in your name. Contact one of the three major credit bureaus to place a fraud alert:
1. Experian
2. TransUnion
3. Equifax

1. You may also want to place a security freeze on your credit reports, which prevents creditors from accessing your credit report entirely. This can prevent new account openings in your name.
2. Stay informed about your rights and steps to protect yourself from identity theft by visiting the Federal Trade Commission’s Identity Theft website.

For more detailed information, including how to enroll in the free credit monitoring services provided by HRC, please refer to the Notice to Consumers.