Recently, Rennline, Inc., a division of ECS Tuning, confirmed that the company experienced as a result of a cybersecurity incident that occurred at one of the company’s third-party vendors, Freestyle Solutions, Inc. According to Rennline, the breach resulted in the names, credit or debit card numbers, expiration dates, card verification codes (CVV), billing addresses and transaction details of affected parties being compromised. On June 3, 2022, Rennline filed official notice of the breach and sent out data breach letters to all affected parties.

If you received a data breach notification, it is essential you understand what is at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the Rennline data breach, please see our recent piece on the topic here.

The Rennline data breach stems from a data security incident at one of the company’s third-party vendors, Freestyle Solutions, Inc. Freestyle Solutions provides shopping cart and payment processing services for Rennline, as well as many other online retailers.

Evidently, on March 2, 2022, Freestyle Solutions notified Rennline that it had identified malware on the company’s computer systems. Freestyle Solutions also indicated that it had contacted law enforcement and was in the process of investigating the incident. This investigation later confirmed that, as a result of the malware on Freestyle Solution’s system, the payment card information of certain Rennline customers was accessible to an unauthorized party between September 21, 2020, and February 3, 2022.

Upon discovering that sensitive consumer data was accessible to an unauthorized party, Rennline reviewed all files accessible to the unauthorized party to determine what information was compromised. While the breached information varies depending on the individual, it may include your name, credit or debit card number, expiration date, card verification code (CVV), billing address and transaction details.

On June 3, 2022, Rennline sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.

More Information About Rennline, Inc.

Rennline, Inc. is an automotive parts manufacturer and retailer based in Milton, Vermont. Rennline is a division of ECS Tuning, LLC, which is a part of Enthusiast Auto Holdings. Rennline Automotive manufactures a wide range of automotive parts, including CNC waterjet, CNC milling and turning operations, bending, forming, welding, embossing, powder coating, painting, anodizing and screen printing. ECS Tuning, LLC, Rennline’s parent company, employs more than 250 people and generates approximately $185 million in annual revenue.

Following a data breach, especially one involving multiple companies, victims often ask which companies can be held liable for exposing their information to hackers. Under state and federal data breach laws, all organizations have an obligation to protect consumer information in their possession. This includes both those organizations that directly receive information from a customer as well as third-party vendors that receive the data through another company.

In the case of the Rennline/Freestyle Solutions data breach, there is no indication that Rennline’s data security systems were inadequate. However, depending on the outcome of the investigation, Rennline may have been negligent in entrusting consumer data to Freestyle Solutions. For example, this may be the case if Rennline had reason to believe that Freestyle Solutions’ servers were not secure or that the company had a history of mishandling consumer data. Of course, Freestyle Solutions may also be liable for the breach, depending on what evidence emerges in the future.

Businesses that elect not to implement robust data security systems do so at great risk to consumers' privacy. Pursuing a data breach lawsuit is one way for victims of a data breach to hold companies accountable and encourage them to take their responsibilities seriously.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Console and Associates, P.C. | Attorney Advertising

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.

Copyright © JD Supra, LLC