AFTRA Retirement Fund - Notice of Data Privacy Event

NEW YORK, Feb. 25, 2020 /PRNewswire/ -- AFTRA Retirement Fund (hereafter referred to as "We", "AFTRA", "Our") announced today that a recent event may have impacted the security of personal information of certain current and former plan members of SAG-AFTRA Health Plan (hereafter referred to as "Health Plan"). In 2017, the AFTRA Health Fund merged with the SAG - Producers Health Plan to form the Health Plan.

What Happened? On October 28, 2019, AFTRA received an alert of suspicious activity in its environment. AFTRA immediately launched an investigation into the nature and scope of the incident. As part of the investigation, which was conducted with the assistance of a third-party forensic expert, it was determined that an unauthorized individual accessed AFTRA employees' credit card information and made a small amount of unauthorized purchases using that information. AFTRA also determined that certain files and folders on AFTRA's network may have been subject to unauthorized access for periods of time between October 24, 2019 and October 28, 2019.  At this time, AFTRA does not have evidence that files containing personal information were accessed; however, access to these files could not be ruled out.  Out of an abundance of caution, AFTRA then undertook a time-consuming review of all the files and folders that may have been accessed to determine what sensitive information they may contain. 

After several months of a thorough investigation, AFTRA completed an analysis of the contents of the files and folders and prepared a list of potentially impacted individuals whose information was determined to be present and possibly viewable by the unauthorized individual. AFTRA is mailing notification to those individuals impacted by this incident.

What Information Was Involved?  AFTRA determined that the type of information potentially impacted may vary by individual and that the following types of information may be impacted: Name, SSN, AFTRA Number, Date of Birth, Date of Death, Address, Past Information about: eligibility, dependent(s), claims, earnings, contributions, and beneficiaries. The information potentially impacted varied by individual. Once again, AFTRA does not have evidence that personal information has been accessed but it cannot be ruled out and AFTRA is notifying individuals out of an abundance of caution.

What AFTRA Is Doing.  AFTRA takes this incident and the security of information in its care very seriously. AFTRA is reviewing its existing security measures and working to implement additional safeguards to prevent similar incidents from occurring in the future. AFTRA will also notify the Office of Civil Rights at the Department of Health and Human Services and any required state or federal regulators regarding this incident.

What Potentially Affected Individuals Can Do.  As a best practice, you should always carefully review your Explanations of Benefits for suspicious or unauthorized activity, and report any instances of fraud to law enforcement. You should also review your account statements for suspicious activity.  If you see any unauthorized charges, promptly contact the bank or credit card company. 

AFTRA's notification to potentially impacted individuals includes information on obtaining a free credit report annually from each of the three major credit reporting bureaus by visiting www.annualcreditreport.com, calling 877-322-8228, or contacting the three major credit bureaus directly at: Equifax, P.O. Box 105069, Atlanta, GA, 30348, 800-525-6285, www.equifax.com; Experian, P.O. Box 2002, Allen, TX 75013, 888-397-3742, www.experian.com; TransUnion, P.O. Box 2000, Chester, PA 19016, 800-680-7289, www.transunion.com. Potentially impacted individuals may also find information regarding identity theft, fraud alerts, security freezes and the steps they may take to protect their information by contacting the credit bureaus, the Federal Trade Commission or their state Attorney General.  The Federal Trade Commission can be reached at: 600 Pennsylvania Avenue NW, Washington, DC 20580; www.identitytheft.gov; 1-877-ID-THEFT (1-877-438-4338); and TTY: 1-866-653-4261.  Instances of known or suspected identity theft should also be reported to law enforcement or the individual's state Attorney General.  AFTRA provided notice of this incident to the U.S. Department of Health and Human Services, as well as required state regulators. 

AFTRA set up a call center to answer questions from those who may have been impacted by this incident. The call center can be reached at 1-844-936-0060 Monday through Friday, 9:00 a.m. to 6:30 p.m. ET (excluding some U.S. holidays).

Additional information on how potentially impacted individuals can protect themselves can also be found at AFTRA's website: https://aftraretirement.org.

Cision

View original content:http://www.prnewswire.com/news-releases/aftra-retirement-fund---notice-of-data-privacy-event-301011163.html

SOURCE AFTRA Retirement Fund