On August 4, 2002, Filters-NOW, LLC reported a data breach with the Texas Attorney General’s office. Prior to this, the company also reported the breach to various other state government entities, for example, the Montana Attorney General’s office on July 19, 2022. According to Filters Now, the breach resulted in the names, credit or debit card numbers and expiration dates of certain individuals being compromised. After confirming the breach and identifying all affected parties, Filters-Now.com began sending out data breach letters to all affected parties.
If you receive a data breach notification, it is essential that you understand what is at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the Filters-Now.com data breach, please see our recent piece on the topic here.
What We Know About the Filters-Now.com Data Breach
The information about the Filters-NOW, LLC data breach comes from several of the documents the company filed with various state attorney generals’ offices. According to the most recent information, on around March 17, 2022, Filters Now detected suspicious activity in a database the company used to store consumer credit card information obtained through its website, www.filters-now.com. In response, the company launched an investigation into the incident in hopes of learning more about its causes as well as whether any consumer data was leaked as a result.
More recently, and as a result of the company’s investigation, Filters Now learned that an unauthorized party had access to the database between July 23, 2019 and March 8, 2022. In its data breach letter to affected consumers, Filters Now notes that “although credit card numbers were tokenized and protected by encryption, the investigation was unable to rule out the possibility that credit card numbers could have been accessed by the threat actor.”
Upon discovering that sensitive consumer data was accessible to an unauthorized party, Filters-Now.com began the process of reviewing all affected files to determine what information was compromised and which consumers were impacted by the incident. While the breached information varies depending on the individual, it may include your name and credit or debit card information, including the expiration date.
In July 2022, and again on August 4, 2022, Filters-Now.com sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
More Information About Filters-NOW, LLC
Based in Creola, Alabama, Filters-NOW, LLC is an online retailer of air filters for furnaces and air conditioner units. The company is owned and operated by Protect Plus Air Holdings (“PPA Holdings”), which is based in Hickory, North Carolina. Filters-NOW, LLC sells filters from a wide range of manufacturers, including Arm & Hammer, Dupont, Honeywell, Accumulair, Purafilter 200 and more. Filters-Now.com employs more than 25 people and generates less than $5 million in annual revenue; however, PPA Holdings is much larger, generating over $19 million per year in revenue.
How to Protect Yourself After a Data Breach
Data breaches are becoming more prevalent, affecting millions of Americans each year. Given the frequency with which these breaches are occurring, it is imperative that consumers know what to do in the event their information is leaked in a data breach.
The biggest risk in the wake of a data breach is a hacker uses your personal information to steal your identity or sells your information on the dark web to someone else who can then use it to steal your identity. Of course, there is little to nothing you can do to prevent a data breach because, after you provide your information to an organization, any breach involving the organization’s computer network can expose your personal or financial information. However, there are some important steps you can take after a data breach to reduce the likelihood of becoming a victim of identity theft or other fraud.
Identify What Data Was Compromised
The first thing to do after a data breach is to review the data breach letter, noting what information of yours was compromised. While the steps below apply to data breaches in general, there are certain additional steps you should take if a breach involves highly sensitive information such as your financial account information or Social Security number.
Be Vigilant in Monitoring Your Online Accounts
Often, hackers try to use any stolen information as quickly as possible. This is because consumers may close their accounts as soon as they learn about the breach. However, it may take some time for criminals to obtain other necessary information before attempting to steal your identity. Thus, it is imperative that you diligently check your online bank and credit card accounts, as well as your credit report.
Enroll in Free Credit Monitoring
Credit monitoring typically costs consumers between $20 and $40 per month. However, after a data breach, companies usually offer victims free credit monitoring for a period of time—usually between one to two years. It is a good idea to sign up for free credit monitoring, as it can help you determine if someone is trying to steal your identity. Further, signing up for free credit monitoring does not impact your rights to bring a data breach lawsuit against the company that leaked your information if the company was negligent leading up to the breach.
Consider Placing a Fraud Alert or a Credit Freeze on Your Credit Account
By contacting any one of the three major credit bureaus, you can place a fraud alert or credit freeze on your credit accounts. A fraud alert notifies potential creditors that your information was recently exposed in a data breach and puts them on notice that an imposter may be trying to open a new line of credit. A credit freeze offers additional protection by preventing any company from pulling your credit without your advance approval. The Identity Theft Resource Center has repeatedly noted that placing a credit freeze on your credit account is the single best way to prevent fraud after a data breach.
Those who are interested in learning more about their options following a breach should reach out to an experienced data breach lawyer for immediate assistance.