A data breach at the Donald W. Wyatt Detention Facility in Central Falls, Rhode Island, has impacted nearly 20,700 people, far exceeding initial estimates, according to a class-action lawsuit filed in U.S. District Court last week.
The breach, which occurred on Nov. 2, 2023, was initially reported to have affected 1,984 individuals. However, a recent letter from the facility included in the lawsuit reveals the number of victims could be as high as 20,693.
Jacob Hellested, who applied for a job at the facility but never worked there, filed the lawsuit on July 19 after receiving notification of the breach eight months after it occurred.
Wyatt Detention Facility Delayed Breach Notification
The Donald W. Wyatt Detention Facility, established in 1993, was America’s first publicly owned and privately operated adult secure correctional facility.
The lawsuit alleges that the facility’s “poor data security” led to thousands of people’s personal information being posted on the dark web. This information potentially includes birthdates, phone numbers, addresses, Social Security numbers and financial data.
Peter Wasylyk, Hellested’s attorney, stated that the long delay in notification prevented victims from taking timely action to protect themselves. He added that the affected individuals may feel the consequences of this data breach for years to come.
A letter sent to victims in July revealed that the actual number of affected individuals was significantly higher than initial estimates. According to the letter, 12,890 detainees, 185 outside vendors, and 7,618 current, former, and potential staff were affected by the breach.
Facility Response and Mitigation Efforts
The Central Falls Detention Facility Corporation, which operates the publicly-owned 770-bed facility, acknowledged the cyberattack in a statement. They expressed regret for any inconvenience caused and stated that eligible individuals are entitled to receive free credit monitoring at the facility’s expense.
The facility has partnered with a legal services company to provide five years of free Equifax credit monitoring to those affected by the breach. However, the lawsuit argues that this response is insufficient given the potential long-term impact on victims’ personal and financial well-being. The facility’s attorney has declined to comment further on the matter due to the ongoing litigation.
The Wyatt Detention Facility, which opened in 1993, has been used by both the U.S. Marshal Service and Immigration and Customs Enforcement Agency.
Source: Read More
