Data Breach Summary
A significant data breach, revealed an unprotected database containing 245,949 records. The database, which was not encrypted or password-protected, was linked to a tax credit consulting agency named Rockerbox, based in Dallas, Texas. The exposed information includes sensitive personal and professional data such as names, addresses, Social Security numbers (SSNs), military discharge records, and more.
The exposed data is believed to belong to Rockerbox, a tax credit consulting company that helps businesses manage tax credits like the Work Opportunity Tax Credit (WOTC), Employee Retention Tax Credit (ERTC), and others. With clients across various industries, including healthcare, manufacturing, and hospitality, the breach potentially impacted a wide range of individuals.
However, it’s unclear whether Rockerbox itself directly managed the database or if a third-party contractor was responsible for maintaining it. Furthermore, the exact length of time the database was publicly exposed remains unknown, leaving open the possibility that unauthorized individuals could have accessed the information before it was secured.
The unencrypted database, with a total size of 286.9 GB, was accessible to the public and contained a wide variety of sensitive personal identifiable information (PII). A sample of the exposed data revealed files with PII including:
Full names, physical addresses, and email addresses
Dates of birth (DOB) and SSNs in plain text
Driver’s licenses, ID cards, and SSN cards
Work Opportunity Tax Credit (WOTC) documents with employment and salary information
Determination letters related to eligibility for various tax programs
If you received notification from Rockerbox regarding this breach, we recommend:
Regularly monitoring your credit reports and financial accounts for suspicious activity
Placing fraud alerts or security freezes on your credit reports with Equifax, Experian, and TransUnion
Taking advantage of the free identity monitoring services offered by Kalamazoo Public Schools
Reporting any suspected identity theft to law enforcement, your state attorney general, or the Federal Trade Commission
Following the breach, Rockerbox faces potential class-action lawsuits from clients alleging negligence in protecting personal data. Data breach lawsuits often claim companies failed to implement adequate security measures or delayed disclosure of breaches, thereby increasing victims’ risk of financial and identity theft damages.
Affected users may be entitled to compensation for costs related to identity monitoring, fraudulent transactions, lost time addressing the breach, and emotional distress.
If you were impacted by the Rockerbox data breach, you may have the right to seek compensation for the potential harm caused. Class Action U is dedicated to helping data breach victims connect with skilled attorneys who specialize in this area of law and can guide you through the legal process.
Individuals whose personal information was exposed may have valid grounds to join a class action lawsuit, allowing them to pursue restitution.
If your data was compromised, you could be entitled to compensation for:
Loss of privacy
Time spent resolving the breach
Out-of-pocket expenses
Emotional distress
By pursuing a class action lawsuit, you not only have the opportunity to recover damages but also help hold Rockerbox accountable, potentially prompting them to strengthen their security measures. Reach out to Class Action U today to find out if you qualify for a data breach class action and learn more about the compensation you may be entitled to.
©2024 ClassActionU
