Data Breach Notifications

Entity Information

  • Type of Organization: Other Commercial
  • Entity Name: Livingston International Inc.
  • Street Address: 405 The West Mall, Suite 400
  • City: Toronto
  • State, or Country if outside the US: Canada
  • Zip Code: M9C 5K7

Submitted By

  • Name: Kate Lucente
  • Title: Partner
  • Firm name (if different than entity): DLA Piper US (LLP)
  • Telephone Number: 206-839-4854
  • Email Address: kate.lucente@us.dlapiper.com
  • Relationship to entity whose information was compromised: Attorney

Breach Information

  • Total number of persons affected (including residents): 5199
  • Total number of Maine residents affected: 11
  • If the number of Maine residents exceeds 1,000, have the consumer reporting agencies been notified:
  • Date(s) Breach Occured: 12/02/2022
  • Date Breach Discovered: 02/01/2023
  • Description of the Breach:
    • External system breach (hacking)
  • Information Acquired - Name or other personal identifier in combination with: Social Security Number

Notification and Protection Services

  • Type of Notification: Written
  • Date(s) of consumer notification: 04/13/2023
  • Copy of notice to affected Maine residents: Notification Letter - US-final_Redacted.pdf
  • Date of any previous (within 12 months) breach notifications:
  • Were identity theft protection services offered: Yes
  • If yes, please provide the duration, the provider of the service and a brief description of the service: On December 5, 2022, Livingston experienced an IT outage associated with a legacy third-party network environment. On December 7, 2022, Livingston discovered that the outage was the result of a security incident. In response, Livingston immediately took steps to contain and remediate the impact of the incident. Livingston also engaged a security firm to conduct a forensics investigation. Livingston has since fully decommissioned the legacy third-party environment. In an abundance of caution, on December 20, 2022, Livingston informed all US employees of the incident by email and made available complimentary credit monitoring and identity restoration services. Livingston also engaged a vendor to conduct a detailed review of the data that could have been compromised as a result of the incident, in order confirm the scope of any impacted personal information.  On February 1, 2023, the vendor provided a preliminary update to Livingston indicating that some sensitive personal information may have been impacted.  Upon the conclusion of the detailed third-party data review, Livingston took steps to further identify the impacted individuals and their contact details and has determined that eleven (11) Maine residents may have been impacted. As a follow up to its preliminary employee notice, Livingston has notified the impacted Maine residents of the security incident by mail and provided access to a complimentary 24-month subscription to credit monitoring and identity restoration services provided by Cyberscout (a TransUnion brand).