Employee Data Incident Response - March 2016

Mohawk Mountain Ski Area is committed to maintaining the privacy and security of our employees’ personal information.  Regrettably, we are writing to inform you of an incident involving some of that information.

During the week of March 15, 2016, we learned that direct deposit information for some our employees had been changed.  We immediately began an investigation, contacted our payroll vendor, changed the direct deposit information so that no unauthorized transfers occurred, and changed the credentials to our payroll provider’s portal.  We confirmed that an unauthorized individual had gained access to our payroll vendor’s portal and had changed your direct deposit information.  We caught this before any unauthorized transfer occurred.  In addition to your bank account and routing numbers, the unauthorized individual had the ability to access your personal information in our payroll provider portal, such as your name, address, telephone number, date of birth, wages, employee identification number, and Social Security number.  We have notified the FBI of the incident and are cooperating with their investigation.      

We recognize this issue can be frustrating and we are taking steps to help protect you and to safeguard employee personal information going forward.  As an added precaution, we have arranged to have AllClear ID protect your identity for 24 months at no cost to you.  The following identity protection services start on the date of this notice and you can use them at any time during the next 24 months.

AllClear SECURE: The team at AllClear ID is ready and standing by if you need identity repair assistance.  This service is automatically available to you with no enrollment required.  If a problem arises, simply call 877-676-0379 and a dedicated investigator will help recover financial losses, restore your credit and make sure your identity is returned to its proper condition.

AllClear PRO: This service offers additional layers of protection including credit monitoring and a $1 million identity theft insurance policy.  To use the PRO service, you will need to provide your personal information to AllClear ID. Your  redemption code has been mailed to the last address we had on file for you.  We can also provide you with your redemption code by phone or email.

Please note: Additional steps may be required by you in order to activate your phone alerts and monitoring options. 

Regardless of whether you choose to take advantage of the identity protection services we are offering, we recommend that you remain vigilant to the possibility of fraud and identity theft by reviewing your credit reports, bank account activity, and financial statements for any unauthorized transactions.  More information about preventing identity theft is included with this letter.

We regret any concern this may cause you.  To help prevent a similar incident from happening in the future, we are evaluating our controls and will be implementing additional protections, and we will be taking further actions to enhance our information security safeguards moving forward. 

Should you have further questions regarding this incident, you may call 860-672-6100, Monday through Friday, 9:00 a.m. to 5:00 p.m. Eastern Standard Time.

Sincerely,

Carol Lugar, President