Western Electrical Contractors Association Data Breach

NOTICE: If you received a NOTICE OF DATA BREACH letter from Western Electrical Contractors Association, contact the Arnold Law Firm at (916) 777-7777 to discuss your legal options or submit a confidential Case Evaluation form here.

On August 29, 2024, Western Electrical Contractors Association, Inc. (“WECA”), reported a cybersecurity incident (“Data Breach”) to the Attorney General Offices in Maine and California. WECA disclosed that earlier this year, it discovered suspicious activity on certain computer systems within its network. A subsequent investigation, concluding on June 27, 2024, confirmed that between January 21 and January 22, 2024, an unauthorized party accessed and exfiltrated certain files within WECA’s network, which contains individuals’ sensitive and confidential information.

Recently, WECA began sending out data breach notification letters to those affected by the Data Breach. Each notification letter details the types of information that were inappropriately accessed as a result of the Data Breach.

According to WECA’s report to the Attorney General of Maine, approximately 35,290 individuals were impacted by the Data Breach. As the Data Breach was only recently announced, WECA has not yet disclosed additional details. If you received a data breach notification letter from WECA, it indicates that you were affected by the Data Breach.

Established in 1929, WECA is a nonprofit organization that serves merit shop electrical contractors, their employees, electrical apprentices, independent electrical trainees, and students. Headquartered in Mather, California, WECA provides both online and in-person training programs, governmental advocacy, essential business services, and responsive customer support to its members and the electrical, solar, and low-voltage industries. WECA employs more than 70 people and generates approximately $10 million in annual revenue.

WHAT INFORMATION IS INVOLVED?

The type of compromised information varied among individuals and may have included the following:

  • Names,
  • Dates of birth,
  • Social Security numbers,
  • Driver’s license numbers,
  • Financial account information,
  • Payment card information,
  • Medical information,
  • Health insurance information.

This information is referred to as your Personally Identifiable Information (“PII”). It provides critical details about you and is an integral part of your identity. Businesses are legally required to protect this information, or they risk incurring statutory penalties and other legal repercussions. When PII is stolen, it can be used by identity thieves to commit fraudulent activities using your identity.

Personal medical information (a specific type of PII) is referred to as Protected Health Information (“PHI”). It is protected under both state and federal law. Healthcare providers and other businesses who handle PHI are required to protect that information. Like stolen PII, stolen PHI can be used by identity thieves to engage in fraudulent activity using your identity. Quite often, PII and PHI are used in conjunction by hackers.

The best way to protect yourself after a data breach is to sign up for credit and identity protection services as soon as possible.

California offers extra protections and legal rights to its residents through the California Consumer Privacy Act (“CCPA”).

NOTICE: If you received a NOTICE OF DATA BREACH letter from Western Electrical Contractors Association, contact the Arnold Law Firm at (916) 777-7777 to discuss your legal options or submit a confidential Case Evaluation form here.