Wyatt Detention Center hit with federal lawsuit over data breach
Wyatt Detention Center hit with federal lawsuit over data breach
GOV & POLITICS
Jul 25, 2024 | 4:58 pm ET
By Alexander Castro
SHARE
Wyatt Detention Center hit with federal lawsuit over data breach
There could be as many as 20,693 people who were victims of a data breach at the Donald W. Wyatt Detention Facility in Central Falls. (File photo)
A data breach at Donald W. Wyatt Detention Facility had 10 times the number of victims originally estimated last year, according to a class-action lawsuit filed last week in Rhode Island U.S. District Court.
The breach occurred on Nov. 2, 2023. Four days before Christmas, the Central Falls facility publicized that the personal data of 1,984 had been exposed. That included 1,454 detainees, 438 current and former staff, and 92 outside vendors.
But a letter from Wyatt included in the new lawsuit suggests the total number of victims could be as high as 20,693 people.
Some victims weren’t notified of the leak until eight months later, like Jacob Hellested, who never worked at the facility but did apply for a job there. Hellested was notified by mail July 9 and filed the lawsuit July 19 against the Central Falls Detention Facility Corporation, the private operator of the publicly-owned 770-bed facility.
The letter Hellested received shared new numbers: 12,890 detainees, 185 outside vendors and 7,618 current, former and potential staff were affected by the leak. It also noted that the facility had partnered with a legal services company to provide five free years of Equifax credit monitoring to people affected by the breach.
The lawsuit argues that the facility’s “poor data security” led to thousands of peoples’ personal information — which potentially includes birthdates, phone numbers, addresses and Social Security numbers and financial information — posted to the dark web.
“Plaintiff Hellested reasonably believes that his Private Information may have already been sold by the cybercriminals,” the lawsuit notes. “Had he been notified of Wyatt’s breach in a more timely manner, he could have attempted to mitigate his injuries.”
“Plaintiff suffered actual injury in the form of damages and diminution in the value of his [personally identifiable information — a form of intangible property that they entrusted to Wyatt,” the complaint reads. “Plaintiff suffered lost time, annoyance, interference, and inconvenience as a result of the Data Breach and has anxiety and increased concerns for the loss of his privacy, especially his Social Security number.”
“The Donald W. Wyatt Detention Facility was the victim of a cyberattack in November 2023,” the corporation shared in a statement Thursday. “We regret any inconvenience this attack has had on others. We quickly took steps to minimize its impact, and eligible individuals are entitled to receive free credit monitoring at the Facility’s expense. Because this case is currently in litigation, we have no further comment.”
The long delay prevented victims from taking action to protect themselves sooner, said Peter Wasylyk, Hellested’s attorney, in an email Thursday.
“The affected class of individuals may feel the consequences of this data breach for years to come, as it has the potential to disrupt their personal and financial wellbeing,” Wasylyk said.
Wyatt opened in 1993, and both the U.S. Marshal Service and the Immigration and Customs Enforcement Agency have used the detention facility.
The post Wyatt Detention Center hit with federal lawsuit over data breach appeared first on Rhode Island Current.
GOV & POLITICS
Jul 25, 2024 | 4:58 pm ET
By Alexander Castro
SHARE
Wyatt Detention Center hit with federal lawsuit over data breach
There could be as many as 20,693 people who were victims of a data breach at the Donald W. Wyatt Detention Facility in Central Falls. (File photo)
A data breach at Donald W. Wyatt Detention Facility had 10 times the number of victims originally estimated last year, according to a class-action lawsuit filed last week in Rhode Island U.S. District Court.
The breach occurred on Nov. 2, 2023. Four days before Christmas, the Central Falls facility publicized that the personal data of 1,984 had been exposed. That included 1,454 detainees, 438 current and former staff, and 92 outside vendors.
But a letter from Wyatt included in the new lawsuit suggests the total number of victims could be as high as 20,693 people.
Some victims weren’t notified of the leak until eight months later, like Jacob Hellested, who never worked at the facility but did apply for a job there. Hellested was notified by mail July 9 and filed the lawsuit July 19 against the Central Falls Detention Facility Corporation, the private operator of the publicly-owned 770-bed facility.
The letter Hellested received shared new numbers: 12,890 detainees, 185 outside vendors and 7,618 current, former and potential staff were affected by the leak. It also noted that the facility had partnered with a legal services company to provide five free years of Equifax credit monitoring to people affected by the breach.
The lawsuit argues that the facility’s “poor data security” led to thousands of peoples’ personal information — which potentially includes birthdates, phone numbers, addresses and Social Security numbers and financial information — posted to the dark web.
“Plaintiff Hellested reasonably believes that his Private Information may have already been sold by the cybercriminals,” the lawsuit notes. “Had he been notified of Wyatt’s breach in a more timely manner, he could have attempted to mitigate his injuries.”
“Plaintiff suffered actual injury in the form of damages and diminution in the value of his [personally identifiable information — a form of intangible property that they entrusted to Wyatt,” the complaint reads. “Plaintiff suffered lost time, annoyance, interference, and inconvenience as a result of the Data Breach and has anxiety and increased concerns for the loss of his privacy, especially his Social Security number.”
“The Donald W. Wyatt Detention Facility was the victim of a cyberattack in November 2023,” the corporation shared in a statement Thursday. “We regret any inconvenience this attack has had on others. We quickly took steps to minimize its impact, and eligible individuals are entitled to receive free credit monitoring at the Facility’s expense. Because this case is currently in litigation, we have no further comment.”
The long delay prevented victims from taking action to protect themselves sooner, said Peter Wasylyk, Hellested’s attorney, in an email Thursday.
“The affected class of individuals may feel the consequences of this data breach for years to come, as it has the potential to disrupt their personal and financial wellbeing,” Wasylyk said.
Wyatt opened in 1993, and both the U.S. Marshal Service and the Immigration and Customs Enforcement Agency have used the detention facility.
The post Wyatt Detention Center hit with federal lawsuit over data breach appeared first on Rhode Island Current.
