What happened?
From Console and Associates P.C. via JD Supra:
On January 25, 2023, Andrews McMeel Universal (“AMU”) filed a notice of data breach with the Attorney General of New Hampshire after discovering that an unauthorized party was able to access confidential consumer information maintained on the company’s IT network. In this notice, AMU explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, Social Security numbers, dates of birth, financial account information, driver’s license numbers, passport numbers, health insurance information, and medical information. Upon completing its investigation, AMU began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.
AMU’s filing with the Attorney General of New Hampshire provides some important information on what led up to the breach. According to this source, on November 19, 2023[sic – should read 2022], AMU experienced a network disruption. In response, AMU took the necessary steps to secure its computer system and then launched an investigation into the incident with the assistance of third-party data security specialists.
The AMU investigation confirmed that an unauthorized party was able to access portions of the company’s network, including files containing confidential information pertaining to current and past employees and 1099 contractors.
People who received those “data breach notification letters” are now receiving notice of a proposed settlement to the class action suit that was filed.
• A proposed Settlement has been reached in a class action lawsuit known as Kathie Kerr, et al. v. Andrews McMeel Universal, Inc., Case No. 2316-CV12523 filed in the Circuit Court of Jackson County, State of Missouri (“the Action”).
• This Action arises out of unauthorized access to AMU’s systems in or about November 2022 (the “Data Incident”), and allegations concerning certain files potentially accessed during the Data Incident that may have contained personally identifiable information (“Private Information”) about persons that was provided to AMU (directly or by third parties on those persons’ behalf).
• All Settlement Class Members can receive the following benefits from the Settlement…