State Urges Hawaii Residents Impacted by Recent Mainland Data Breaches to Take Precautions

article top
REPORT FROM THE DCCA –The Department of Commerce and Consumer Affairs’ Office of Consumer Protection (OCP) advises Hawaii residents to take precautions if they believe they have been affected by either of two recent data breaches. Required reports to OCP indicate there may be more than 2,300 people affected in Hawaii.

“These incidents affect a significant number of people, including Hawaii residents,” said Bruce Kim, OCP executive director. “Hawaii residents who believe they may be at risk because of these incidents are urged to take immediate steps to protect their personal information. It is critical for those affected to use the contact information provided by the agencies involved and get current information on what they can do to protect themselves.”

OCP recently received notification of two separate data breaches originating on the mainland that affect a number of Hawaii residents. The first involves customers of Nationwide Insurance and Allied Insurance. Nationwide reported that computer hackers accessed personal information stored by the two companies in early October. This breach may have compromised records containing customers’ Social Security numbers. Current estimates are that more than 1.1 million people may be affected nationally.  


OCP believes that as many as 170 Hawaii residents may be affected by this breach. On Nov. 16, the company began sending out notices to affected people. Although Nationwide indicates that it is not aware of evidence of personal information being misused, the company is providing free credit report monitoring and identity theft protection services to affected people for one year.

Individuals who believe they may be affected or have questions can call the company’s toll-free hot line at 1-800-760-1125.

The second incident involved the breach of tax returns and other data at the South Carolina Department of Revenue sometime in September 2012 and went undetected until October 2012. South Carolina determined that only state tax returns filed electronically by businesses or individuals since 1998 were impacted. It is believed that the Social Security information of 3.8 million taxpayers, information belonging to 699,900 businesses, 3.3 million bank accounts, and 5,000 credit cards were compromised in the attack.  

The law firm representing South Carolina recently informed OCP that the personal information of approximately 2,136 Hawaii residents – who either filed their returns electronically or whose information was included on another entity’s electronic tax filing – may have been compromised. The U.S. Secret Service is directing an investigation into this incident. South Carolina has taken steps to contain the breach and implement new technology and policy protections to prevent further exposure of taxpayers’ personal information.

OCP is currently seeking confirmation from South Carolina that the notice required by state law was actually sent to affected Hawaii residents as well as verification of the number of Hawaii residents affected by the breach.          

For those residents who believe they may have been affected by the South Carolina incident, South Carolina is providing a year of credit monitoring and fraud resolution services through Experian’s ProtectMyID Alert Program. They should call 1-866-578-5422 for more information or go to

Businesses are required by Hawaii law to notify customers of any security breach involving personal information in any form following discovery of the breach. Hawaii law also requires businesses to notify OCP about the breach without unreasonable delay as well as information on the timing, distribution and content of the notices sent by the business to affected persons.

The following tips and resources are available to those who believe they have been a victim of identity theft:

Identity Theft Warning Signs

·        Unauthorized charges on your credit card

·        Receiving credit cards that you did not seek

·        Missing credit card bills

·        Calls or letters from debt collectors or businesses about merchandise you did not buy or services you did not authorize

·        Being denied credit or offered credit at less favorable terms for no apparent reason

·        Unauthorized credit cards or charges on your credit report

Tips on Protecting Yourself Following a Security Breach

·        Contact your creditors, including credit card companies, banks, and other lenders, to determine whether there is any suspicious or unauthorized activity that has occurred on your accounts.

·        Place an initial fraud alert on your credit report.  You are entitled to a free copy of your credit report.  Order it and review it for problems.

·        Contact any of the three consumer reporting companies to place a fraud alert on your credit report.  A fraud alert does not block potential new credit, but places a comment on your history. Creditors should contact you prior to opening a new account.  You only need to contact one of the three companies because that company is required to contact the other two. Once you place a fraud alert on your file, you are entitled to a free copy of your credit report.  The credit reporting agencies will send you a letter telling you how to order your free report. When you receive your credit reports, review them carefully and look for any suspicious activity.

·        Consider placing a credit freeze on your credit reports.  A credit freeze means that your credit file cannot be shared with potential creditors or insurance companies. You, too, will not be able to open new credit while a freeze is in place.  Individuals can request that a freeze be temporarily lifted for the purpose of obtaining new credit.

·        Remain alert. It’s especially important in the first year following a security breach notification.

All consumers can obtain a free annual credit report from each of the three major credit-reporting agencies, regardless of whether they have been identity theft victims. Call 1-877-322-8228 or request one online at Reports can also be requested directly from one of the reporting companies. Carefully review this report for suspicious activity.



Credit Reporting Agencies:

·        Equifax: 1-800-525-6285;; P.O. Box 740241, Atlanta, GA 30374-0241

·        Experian: 1-888-EXPERIAN (397-3742);; P.O. Box 9532, Allen, TX 75013

·        TransUnion: 1-800-680-7289;; Fraud Victim Assistance Division, P.O. Box 6790, Fullerton, CA 92834-6790

As consumer counsel for the state, the Office of Consumer Protection is the primary agency responsible for reviewing, investigating and prosecuting allegations of unfair or deceptive trade practices in consumer transactions.