Real estate management company JCM Partners recently began notifying an undisclosed number of housing applicants that their personal information had been exposed online.
On March 6, 2014, the company learned that a file containing housing applicants’ names, Social Security numbers, driver’s license numbers, e-mail addresses and mailing addresses had been taken from a JCM database and posted on an “unauthorized Web site.”
It’s unclear from the notification letter [PDF] whether the database was accessed by a company insider, or breached by hackers. It’s also unclear when the breach occurred.
The file has since been removed from the unauthorized site, and JCM has retained a third party security expert to investigate the breach. “Working with this security expert, we also took steps to better protect the security of personal information at JCM,” company COO Brian Rein wrote in the notification letter [PDF]. “The investigation is ongoing.”
While the company hasn’t received any reports of fraud or identity theft resulting from the incident, all those affected are being offered 12 months of free identity protection services from AllClear ID.