“We are writing to inform you that on or around July 31, 2018, an unauthorized offshore entity was able to use malware to gain illegal access to Naylor Association Solutions systems to access certain customers’ names and their Naylor account’s usernames and passwords.Immediately after discovering the attack, we took measures to terminate access to our systems by forcing a password reset for all users, deploying intrusion and penetration testing tools to identify any additional vulnerabilities, and engaging a third party forensic investigation firm.
If you logged into the Naylor Content Submission system, you should have received a notification requiring you to reset your Naylor user account password. As an immediate precaution, we strongly recommend that anyone who uses their Naylor account password on third-party websites and services should immediately update their password on these third-party websites and services. Internet security is an ongoing issue for all companies. Naylor is committed to protecting client data and will continue to be diligent to monitor and protect against attacks. We sincerely regret this incident occurred. If you have any questions about this incident or your personal information, please contact Vanessa Casos, Information Technology Coordinator at 204-975-0429 firstname.lastname@example.org.”