On March 30, 2023, KAVX experienced a cybersecurity incident affecting servers located in Greenville and Myrtle Beach, South Carolina, USA, which resulted in the encryption of a limited number of systems and temporary disruption of certain services. KAVX later discovered that the data contained on the impacted servers included personal information of individuals globally. We immediately initiated an investigation. Our investigation indicated that some personal information may have been accessed by an unauthorized party.
What information may have been involved?
The following types of personal information may have been impacted: first and last name, address, date of birth, personal contact details such as phone number and email, employment-related data such as employee ID, compensation and salary information, employment performance, trade union data, health and medical-related information, gender identity, race and ethnicity, signatures, certain government-issued identifiers such as social security number, driver’s license number, passport number, other identification numbers, tax information, and financial account number.
What are the possible consequences of the incident?
If certain types of personal information were accessed, then there is a risk that criminals may try to use it to carry out identity theft or fraud. You should always be vigilant of fraud and wary of anyone who asks you for personal information. We understand that you may be concerned by this incident, and we want to help support you.
What are we doing?
The security of our network and of personal information are among our top priorities. We have thoroughly investigated this incident and have taken additional steps to further secure our systems. We apologize for any inconvenience caused by this matter.
Out of an abundance of caution, we are providing notice to anyone who may have been potentially impacted by this incident and are offering complimentary credit monitoring or dark web monitoring services to individuals based on the personal information that was potentially impacted.
If you think you may have been impacted by this incident, please refer to the “How do I enroll in monitoring services” section to verify potential impact.
How do I enroll in monitoring services?
Out of an abundance of caution, we are offering complimentary monitoring services across certain markets to individuals if their personal information was potentially impacted. To confirm if you have been impacted and to enroll in monitoring services, visit website or call number ( US: 1-888-566-4971 | Outside US: 1-936-559-2285 ) (Monday – Friday 9am-9pm EST and Saturday – Sunday 9am-6pm EST).
What if I don’t have my activation code to sign up for monitoring services?
If you were impacted and we have record of your current address a letter was sent which included a unique, single-use code which you will need to sign up. If you do not recall receiving a letter, or have lost it, please contact Identity Theft Protection Services (IDX) at ( US: 1-888-566-4971 | Outside US: 1-936-559-2285 ) to verify your information and if you were impacted, to obtain the unique, single-use code you need to sign up for free monitoring services.
What if I don’t have an email?
If you were impacted and received a letter, you can call the number in your letter and enroll with an agent and get your alerts sent by mail.
I signed up for credit monitoring already, what do I need to do?
You don’t need to do anything. 12 months of monitoring will be available from the day you sign up for monitoring services.
What else can I do?
Review your accounts and credit reports – We recommend that you remain vigilant by reviewing account statements and monitoring credit reports (if applicable).
In addition, whenever you set usernames and passwords for online services we recommend that you:
- Enable two-step authentication on all your online services.
- Use strong (long, unusual and complex) passwords and do not use the same password for different online services.
- Use a password for your personal email accounts which is different from all your other passwords and ensure it is strong. For example, by using three random words to create your password.
Due to the prevalence of cyber-attacks, we recommend that you take the following precautionary steps:
- Be very wary of any phone calls or emails seeking your personal information.
- Be alert to emails asking you to click on links, download documents or share your personal details – if you receive an email that seems suspicious, don’t open it.
What if I have more questions?
Contact Identity Theft Protection Services (IDX) at ( US: 1-888-566-4971 | Outside US: 1-936-559-2285 ) to gain additional information about this event and speak with knowledgeable representatives about the appropriate steps to take to protect your identity.