Port City Air Data Breach

Understanding the Port City Air Data Breach

Port City Air, Inc. (PCA), a comprehensive aviation service provider known for its maintenance, avionics, and commercial tech stops, recently experienced a data breach that has implications for its employees. On February 14, 2024, an accidental security breach occurred involving the company's payroll information, which was inadvertently transmitted to several current and former PCA personnel and one employee at UKG, the payroll software provider. The exposed data included sensitive information such as Social Security Numbers, dates of hire, gross pay, hours worked, and 401(k) contribution amounts.

Upon discovering the breach, PCA took immediate action to contain the incident and began their investigation. They advised affected individuals to delete the errant email, change their email passwords, and set up multi-factor authentication to enhance security.

Immediate Steps for Affected Individuals

If you believe you may have been affected by this breach, PCA has outlined several steps you should take to protect your information:

1. Permanently delete the email containing your payroll information from all accounts and devices.
2. Change the passwords for your work and personal email accounts.
3. Enable multi-factor authentication on your email accounts and other personal accounts where possible.

Additionally, PCA is offering a three-year subscription to Norton LifeLock at no cost to affected employees to help safeguard their identities. The service includes a range of features such as identity theft protection, credit monitoring, and alerts for suspicious activities. You can find more information and enroll in LifeLock services by following the provided QR codes.

Long-Term Measures and Support

PCA is committed to preventing future incidents by reviewing and updating their policies and procedures for storing and transmitting sensitive data. They are working closely with UKG to find a software-based solution to prevent similar disclosures and are in the process of removing personal email addresses from the payroll system.

For further assistance or if you have any questions regarding the breach, you are encouraged to contact Kathy Temple at ktemple@portcityair.com.

Reporting and Transparency

The breach has been reported to the Attorney General's office in Maine, and the disclosure is available for public viewing on the Maine Attorney General's website. A total of 125 individuals in the United States, including 12 in Maine, have been affected by this breach. PCA has been proactive in notifying consumers through written communication as of February 22, 2024.

Conclusion

Data breaches can be unsettling, but taking prompt and informed action can greatly reduce the risk of harm. Affected individuals should utilize the resources provided by PCA and stay vigilant for any signs of identity theft or unusual activity in their financial accounts. For more information about PCA and their services, you can visit their website.

Remember to stay informed, take proactive measures to protect your personal information, and reach out for support when needed.