Strauss Borrelli PLLC, a leading data breach law firm, is investigating CRB Group, Inc. (“CRB”) regarding its recent data breach. The CRB data breach may have involved sensitive personal identifiable information belonging to over 1,000 individuals.
ABOUT CRB GROUP, INC.:
CRB is a privately held engineering and design firm based in Missouri. Founded in 1984, CRB provides sustainable engineering, architecture, construction and consulting solutions to companies worldwide.2 Today, CRB offers these services to a variety of industries, including biotechnology, food and beverage, pharmaceuticals, and science and technology. Headquartered in Kansas City, Missouri, CRB has 19 additional locations across the United States, Puerto Rico, and Europe, and employs over 1,000 individuals.
WHAT HAPPENED?
Recently, CRB reported to the Attorney General of New Hampshire that it had experienced a data breach in which the sensitive personal identifiable information in its systems may have been accessed. According to the breach notice, on January 3, 2024, CRB experienced a network disruption that impacted certain computer systems. As a result, CRB launched an investigation to determine the nature of the incident.
Through its investigation, CRB learned that sensitive personal information in its systems may have been viewed and taken by an unauthorized actor between December 25, 2023, and January 3, 2024. As a result, CRB began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. The exact type of personal information potentially exposed has not been made publicly available by CRB. However, according to state reporting guidelines, “personal information” can include the following types of information:
- Name
- Social Security number
- Driver’s license or other government identification number
- Account number, credit or debit card number, in combination with any required security code, access code, or password that would permit access to an individual’s financial account
On August 21, 2024, CRB mailed data breach notification letters to impacted individuals. Based on the breach notice sent to New Hampshire residents, CRB is providing affected individuals with a list of the specific type of sensitive information impacted and complimentary credit monitoring services. A link to the form breach notification letters that CRB filed with the Attorney General of New Hampshire is below.
If you received a breach notification from CRB Group, Inc.:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.