Morgan & Morgan’s industry leading data privacy attorneys are investigating Receivables Performance Management (“RPM”) regarding its recent data breach (which may be referred to as a “data event” or “data security incident”). The RPM data breach involved sensitive personally identifiable information that may have been exposed to an unauthorized individual.
We are investigating, among other things, the following:
- how RPM acquired the sensitive information;
- whether RPM should have had the sensitive information;
- whether and, if so, why RPM stored this sensitive information in an Internet-accessible environment;
- whether RPM encrypted the sensitive information;
- whether RPM deleted sensitive information it no longer had a reasonable need to retain;
- whether RPM implemented appropriate and adequate security measures to protect the sensitive information; and
- whether RPM has provided affected individuals adequate protection and compensation for any harms they have experienced as a result of the data breach.
RPM is a debt collector that performs accounts receivable management. On or around May 12, 2021, RPM became aware of a ransomware attack on its systems that may have resulted in unauthorized access to and/or acquisition of personal information, including Social Security numbers. Recently, RPM sent out data breach notification letters to those who were impacted by the breach.
If you received a data breach notification and would like to discuss with an attorney for a free case evaluation.
We place a significant amount of trust in the companies we choose to share our information with, making the data breach all the more unacceptable. If you suspect that your information was exposed in the RPM data breach, Morgan & Morgan is here to help.