Subscribe To Our Newsletter
TABB, Inc., a business partner of The Brooklyn Hospital Center, disclosed that a database containing background check data was inadvertently made publicly discoverable in August 2024. The breach affected 5,309 individuals, and impacted individuals are being offered complimentary credit monitoring.
Who was affected:
Impacted Data:
Name
TABB, Inc. (“TABB”), a business partner of The Brooklyn Hospital Center (TBHC), recently disclosed a data breach affecting 5,309 individuals. The incident involved a database containing background check information that was inadvertently made publicly discoverable. Affected individuals are now being notified and offered identity protection services.
On August 14, 2024, TABB was alerted that a database storing data related to background checks conducted on behalf of its clients was publicly discoverable. According to the notice, the database could be accessed by individuals who were able to identify its location. This exposure stemmed from what the company described as a miscalibration that made the database accessible.
Upon learning of the issue, TABB took immediate action to remediate the configuration error and secure the database. However, because the company could not rule out the possibility that files were accessed during the time the database was publicly available, it initiated a review of the contents to determine whether personal information was involved.
On October 25, 2024, TABB determined that the files contained personal information belonging to affected individuals. The total number of persons impacted by this incident is 5,309, including one Maine resident.
The breach has been classified as an inadvertent disclosure, rather than a hacking event. Nevertheless, publicly accessible databases can present serious risks, particularly when sensitive personal information is involved. Even if there is no direct evidence of misuse, exposure increases the likelihood of identity theft, fraud, or other unauthorized activity.
As a business associate of The Brooklyn Hospital Center, TABB maintains information in connection with services provided to TBHC. Organizations entrusted with handling background check data have a responsibility to implement proper safeguards and ensure databases are not exposed to the public internet.
Although TABB has stated that it has no evidence of unauthorized use of the information, it is notifying affected individuals out of an abundance of caution. The company has also implemented measures designed to reduce the risk of similar incidents in the future.
At Class Action U, we believe that companies entrusted with personal information must be held accountable when that information is exposed—even due to misconfigurations or inadvertent disclosures. Individuals deserve to understand what happened and to explore their legal rights when their privacy is placed at risk.
The database was publicly discoverable on August 14, 2024.
TABB completed its review and determined on October 25, 2024 that personal information was contained in the affected files.
According to the notice, the files contained:
Name
Additional personal information related to background check data (specific data elements were not fully detailed in the notice)
Background check data may include sensitive identifying information, depending on the scope of the checks conducted.
If you received a notification from TABB, consider taking the following steps:
Enroll in the complimentary 12-month membership of Experian IdentityWorks Credit 3B being offered at no cost.
Monitor your credit reports for unfamiliar accounts or inquiries.
Review financial statements and other account activity for suspicious transactions.
Consider placing a fraud alert or credit freeze with the major credit bureaus.
Report suspected identity theft to your financial institution, the Federal Trade Commission, and local law enforcement.
Even in cases where there is no evidence of misuse, it is important to remain vigilant. Identity theft can occur long after data is exposed.
You may also want to explore whether you qualify to participate in a class action lawsuit related to this incident.
If your personal information was exposed in the TABB data breach, you may be eligible to seek compensation. Organizations that collect and store background check information have a duty to ensure databases are properly secured and not publicly accessible.
Even inadvertent disclosures can create real risks, including time spent monitoring credit, anxiety, and potential identity theft. A class action lawsuit allows affected individuals to band together to hold companies accountable and pursue financial recovery.
Contact us at Class Action U, where we’ll connect you with a lawyer skilled in class action lawsuits. If you’ve been contacted about this breach, received notice, or discovered you were impacted, fill out our quick, easy, and secure form to sign up. There is no cost to reach out to our legal partner and no obligation after speaking with someone from our team.
New cases and investigations, settlement deadlines, and news straight to your inbox.
A data breach occurs when sensitive, confidential, or protected information is accessed, stolen, or disclosed without authorization. Data breaches often occur through phishing emails, malware, weak passwords, insider threats, or unsecured databases. Indicators of a data breach can include unexpected password resets, suspicious account activity, unauthorized transactions, or notifications from companies about compromised information.If you suspect your data has been compromised, you must take measures and act quickly. Change passwords, enable two-factor authentication, review your financial accounts for unusual activity and consider freezing your credit.
Once stolen, your personal information may be sold on the dark web or used for identity theft and financial fraud. In some cases, hackers use the data to extort companies or launch further attacks. Victims often face long-term risks, including damage to credit and privacy.
If you receive a data breach notification, don’t ignore it. Immediately change passwords for the affected account and any others that share credentials. Enroll in any free credit monitoring services offered and monitor financial statements closely.
To pursue a data breach claim, you’ll need documentation showing your information was compromised and proof of resulting harm, such as fraudulent charges, credit score damage, or identity theft reports. Notification letters, financial records, and communication with the breached company can help support your claim.
Yes. If a company fails to protect consumer data or delays notifying victims, it may be held liable under state and federal privacy laws. Many victims join class action lawsuits to recover financial losses and hold negligent organizations accountable.
Data breach settlements vary widely depending on the size of the breach, type of data compromised, and damages suffered by victims. Payouts may include cash compensation, identity theft protection, or reimbursement for losses. Many settlements range from a few hundred to several thousand dollars per person. A skilled data breach lawyer can guide victims through the complex legal process, ensuring their rights are protected. If you’ve received a data breach notification or believe your personal data was exposed, you may be eligible for compensation. Contact Class Action U to learn more about how to join a data breach lawsuit and understand the process of filing.
