On November 3, 2023, Perry Johnson & Associates (PJ&A) reported a significant data breach impacting the information of nearly nine million consumers. The notice of this breach was filed with the Attorney General of California, after PJ&A discovered that an unauthorized party had gained access to files stored on their company’s computer network.
An in-depth disclosure provided by the afflicted firm delineates that the accessed data was extensive, encompassing not only names but also Social Security numbers, dates of birth, addresses, as well as sensitive medical data such as medical record numbers and hospital account information. The specifics of the breach can be further extracted from the formal statement released by PJ&A located here.
This incident presents a serious concern for the security of consumer data in today’s highly-connected digital realm. For legal professionals and corporate entities, this breach underscores the vulnerability and potential liability associated with storing extensive personal and sensitive information. It is a poignant reminder of the importance of maintaining robust cyber-security measures to safeguard against potential breaches and their subsequent legal and financial implications.
The magnitude of this breach—with nearly nine million consumers affected—demonstrates the critical nature of such cybersecurity risks in today’s data-driven business environment. Legal professionals who advise companies on data protection policies have an integral role in mitigating such risks.
The full impact and any potential legal consequences of the PJ&A data breach are yet to be determined. What is certain however, is the reaffirmation of the critical need for vigilant data protection measures and policies that effectively mitigate potential breaches.