P2018-ND-126

Quality Credit Services Limited (doing business as Quality Credit Reporting)

The affected individuals are prospective franchisees of a franchisor who retained the Organization to provide credit reports in connection with the credit applications of those prospective franchisees. The prospective franchisees are spouses. On August 28, 2018, an employee of the Organization emailed the prospective franchisees to advise that the franchise credit applications had been received and that the credit report process was underway. The employee attached the prospective franchisees? credit applications to the email. Even though the information in the credit applications was provided by the franchisees, sending the information back to the franchisees is not an approved procedure. The mistake was compounded because the employee who sent the email mistyped the email address of one of the prospective franchisees. As a result, the information in the credit applications was misdirected with the potential for unauthorized disclosure if the misdirected email was received and opened. The incident was discovered when it was reported to the Organization by one of the prospective franchisees on August 29, 2018.

File Type: pdf
Categories: 2018
Tags: Unauthorized access