MAPLEWOOD, NJ — On Aug. 7, the Maplewood Police Department gave notice of a data privacy incident. According to the department, Maplewood discovered and remediated suspicious activity from the police department network. Upon discovering the activity, Maplewood commenced an immediate investigation, which included working with a leading third-party forensic investigation firm to determine what may have happened. The investigation confirmed that malware had been introduced on the network on Dec. 9, 2018. Because the malware made it impossible to determine what, if any, information was accessed, Maplewood provided notice of this incident to all potentially affected individuals with information in the department’s systems.
To date, there is no evidence of actual or attempted misuse of this information. This notice is intended to inform potentially affected individuals of the data privacy incident and to provide information and resources that they may use to better protect against potential financial fraud or other misuse of personal information.
While there is no evidence that any information within the network was misused, the information at-risk may include: your full name or first initial and last name; Social Security number; driver’s license number/state identification number; or account number, credit or debit card number, in combination with any required security code, access code, or password that would permit access to an individual’s financial account.
“We stress that to date, the investigation has not revealed evidence suggesting any information was actually viewed, accessed or obtained by the unauthorized actor,” the notice read.
“We take this incident and the security of your personal information very seriously,” it continued. “Upon discovery of the unauthorized access, we immediately took necessary measures to contain the incident and secure the computer network. We then engaged a third-party forensics firm to determine the full scope of the incident. We have taken many significant steps to ensure the security of the information under our trust. We also reassessed the technical safeguards relating to our other systems containing personal information, conducted employee retraining focused on email safety awareness, and reviewed our policies and procedures regarding security generally for potential enhancements. We also reported this incident to the Federal Bureau of Investigation, New Jersey State Police, the County of Essex Prosecutor’s Office and the U.S. Department of Homeland Security.”
The township has established a dedicated line for individuals seeking additional information regarding this incident. Individuals may call 855-424-2569 Monday through Friday from 9 a.m. to 9 p.m. with questions or if they would like additional information. Maplewood can also be reached by mail at 574 Valley St., Maplewood Township, NJ 07040.
In order to protect personal information moving forward, the department advises residents to monitor their accounts. Potentially affected individuals are encouraged to remain vigilant against incidents of identity theft and fraud, to review account statements, and to monitor credit reports for suspicious activity. Under U.S. law, everyone is entitled to one free credit report annually from each of the three major credit reporting bureaus. To order a free credit report, visit www.annualcreditreport.com or call 1-877-322-8228.
Individuals also have the right to place a “security freeze” on a credit report, which will prohibit a consumer reporting agency from releasing information in a credit report without the individual’s express authorization. The security freeze is designed to prevent credit, loans, and services from being approved in the consumer’s name without their consent. However, using a security freeze may delay, interfere with or prohibit the timely approval of any subsequent request or application made regarding a new loan, credit, mortgage or any other account involving the extension of credit. Pursuant to federal law, a person cannot be charged to place or lift a security freeze on a credit report. To place a security freeze, contact the major consumer reporting agencies: Experian at 1-888-397-3742 or www.experian.com/freeze/center.html; TransUnion at 1-888-909-8872 or www.transunion.com/credit-freeze; and Equifax at 1-800-685-1111 or www.equifax.com/personal/credit-report-services.
As an alternative to a security freeze, consumers have the right to place an initial or extended “fraud alert” on their file at no cost. An initial fraud alert is a one-year alert that is placed on a consumer’s credit file. Upon seeing a fraud alert display on a consumer’s credit file, a business is required to take steps to verify the consumer’s identity before extending new credit. Victims of identity theft are entitled to an extended fraud alert, which is a fraud alert lasting seven years. To place a fraud alert, contact: Experian at 1-888-397-3742 or www.experian.com/fraud/center.html; TransUnion at 1-800-680-7289 or www.transunion.com/fraud-victim-resource/place-fraud-alert; and Equifax at 1-888-766-0008 or www.equifax.com/personal/credit-report-services.