Me, too. Ridiculous. This is the second data breach notification from a company I've received in the last month. There needs to be a large penalty for businesses who fail to protect their customers'/workers' data. The letter indicates the data was accessed via a successful phishing attempt. My remedy? Another security monitoring service to which I need to provide... you guessed it... my personal information, including my social security number.
The letter further indicates that the email accessed via the phishing attempt included various information, such as my name, social security number, tax ID number, driver's license number, financial account number and medical or health insurance information. Why in Heaven's name is my personal information held in someone's email account at Stericycle?