[BreachExchange] Vesta Property Group Notifies Individuals of Data Security Incident

Terrell Byrd terrell.byrd at riskbasedsecurity.com
Thu Jan 13 10:05:56 EST 2022


https://finance.yahoo.com/news/vesta-property-group-notifies-individuals-210000035.html

Vesta Property Services, Inc. ("Vesta"), an organization that provides
association management services to developers of planned unit communities,
condominium associations, homeowners associations and property owners
associations announced today that it is notifying certain individuals whose
information may have been involved in recent data security incidents. Vesta
is committed to keeping the community informed, communicating about the
steps it is taking toward resolution, and ensuring impacted individuals
have the tools they need to minimize the impact of the incident.

On or about October 22, 2021, and November 19, 2021, Vesta discovered that
it was the victim of a cyber-attack that impacted its systems and servers
at some of its locations. At that time, Vesta’s technology team acted
quickly to restore and secure its systems. Vesta immediately engaged
independent third-party cybersecurity experts to assist in the remediation
and investigation and contacted the FBI.

The investigation is ongoing, but Vesta believe that the unauthorized
individual could have potentially accessed or obtained protected personal
information. With this said, as of the date of this release, Vesta has no
evidence indicating that any information has been used for identity theft
or financial fraud.

The types of protected personal information potentially involved could
include first and last name, address, phone number, and financial account
information.

Further, Vesta is offering complimentary identity monitoring and protection
services for individuals who believe that they were impacted by this
incident. Vesta recommends that these individuals enroll in the services
provided to increase the likelihood that their information remains
protected. If you believe that your information was involved and want to
know more about these services, please call the dedicated toll-free
helpline set up specifically for this purpose at 1-833-770-0725, Monday
through Friday, 8:00 a.m. to 8:00 p.m. (EST) (excluding major U.S.
holidays).

The security and privacy of the information contained within its systems is
a top priority for us. In response to this incident, Vesta is implementing
additional safeguards to its existing cybersecurity infrastructure and
enhancing its staff cybersecurity training. Further, Vesta is working with
its external legal and cybersecurity experts to improve its cybersecurity
policies, procedures, and protocols to help minimize the likelihood of this
type of incident occurring again.

"We were upset to learn that we were one of thousands of organizations
dealing with these types of incidents," explained David Surface, Vesta’s
CEO. "We take the security and privacy of the information contained in our
systems with the utmost seriousness. We are fully committed to protecting
the information of our staff, customers, and anyone else our business
receives information from. We apologize for the inconvenience this incident
caused. We truly thank the community, the entire Vesta family, and all of
our partners for the continued support and understanding during this
incident."

Vesta recommends that individuals remain vigilant by closely reviewing
their account statements and credit reports as a precautionary measure. In
addition, Vesta strongly advises that the account holder promptly notify
the financial institution or company that maintains the account if any
suspicious activity is detected. Further, individuals should promptly
report any fraudulent activity or any suspected incidence of identity theft
to proper law enforcement authorities, including their state attorney
general and the Federal Trade Commission (FTC). To file a complaint or to
contact the FTC, you can (1) send a letter to the Federal Trade Commission,
Consumer Response Center, 600 Pennsylvania Avenue NW, Washington, DC 20580;
(2) go to IdentityTheft.gov/databreach; or (3) call 1-877-ID-THEFT
(877-438-4338). Complaints filed with the FTC will be added to the FTC's
Identity Theft Data Clearinghouse, a database made available to law
enforcement agencies.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20220113/94f37823/attachment.html>


More information about the BreachExchange mailing list