Data Breach Summary
Relay Graduate School of Education has announced that it recently experienced a data security incident which may have impacted the personal information of some individuals. The school has assured affected parties that it takes the protection of personal data very seriously and has taken immediate steps to address the situation.
On November 22, 2024, Relay discovered that a threat actor gained unauthorized access to several applications hosted by Amazon Web Services (AWS). During this breach, the attacker deleted certain files stored within the AWS environment. Although the school’s cybersecurity team, along with AWS’s security team, responded quickly to sever the attacker’s access, it is believed that the attacker may have accessed student records containing personally identifiable information (PII).
By December 11, 2024, after restoring the deleted files from backups and confirming the list of potentially affected individuals, Relay determined that your personal information may have been impacted. The breach was limited to a few hours, thanks to the prompt response from both AWS and the school’s security teams.
In response to the breach, Relay is offering affected individuals free access to credit monitoring services, including Single Bureau Credit Monitoring, a Single Bureau Credit Report, and a Single Bureau Credit Score. These services will alert users to any changes or updates to their credit file and provide notifications on the same day such changes occur. Additionally, Relay is providing proactive fraud assistance to help affected individuals with any questions or to support them in the event they become victims of fraud.
Although there is currently no evidence to suggest that identity theft or fraud has occurred due to this incident, individuals linked to Relay Graduate School of Education are encouraged to take precautions. To minimize potential risks, it is advisable to regularly monitor financial statements, update passwords, and remain vigilant against unsolicited communications, such as phishing attempts. For additional guidance on safeguarding your information following a data breach, we encourage you to review this resource on responding to data breaches and the proactive steps you can take to protect yourself.
The potentially compromised data includes the following elements:
While Social Security numbers were stored in the affected environment, they were encrypted. There is currently no evidence to suggest that the threat actor was able to access any Social Security numbers.
If you received a data breach notification from Conceptions Reproductive Associates of Colorado, it likely means your information was affected. Class Action U, in partnership with KO Lawyers, is supporting individuals impacted by the Conceptions Reproductive Associates of Colorado data breach. If your information was exposed in this breach, you may be eligible to join a class action lawsuit to seek compensation for:
A successful case could also compel Conceptions Reproductive Associates of Colorado, to enhance its security practices to prevent similar incidents in the future. Contact Class Action U today to explore your legal options and protect your rights.
©2024 ClassActionU