Link: https://www.doyon.com/data-security-incident-information/
Update July 2, 2025
Last month, Doyon shared information about a data security incident our company experienced in April 2024. In an effect to continue communication about this incident, we would like to answer some Frequently Asked Questions about the event, Doyon's response, and what we're doing to assist affected individuals.
Q: What happened?
A: In April 2024, Doyon was targeted by a criminal hacker utilizing sophisticated cyberattack tools. Since the incident, Doyon has worked with law enforcement and undertaken a thorough investigation. Doyon has also taken steps to enhance network security and take additional security measures. With the help of Kroll, an outside incident response consultant, Doyon is notifying individuals who personal information was identified as potentially being affected and offering them the ability to sign up for free credit monitoring to protect against identity theft.
Q: I received a letter in the mail. Is this fraud, a scam, or a real incident?
A: A letter on Doyon, Limited letterhead was issued to individuals who were identified as having personal information potentially affected in response to a real data security incident. We encourage those potentially affected to take advantage of the identity monitoring services offered.
The letter received is specific to each individual recipient, and those individuals need to contact Kroll if they want to enter into credit monitoring services. If you have questions about how to enroll, please call Kroll.
Q: What services am I being offered?
A: Doyon has been offered free credit monitoring implemented through a third-party consultant to individuals who personal information was identified as being potentially affected by the incident. Although not every state requests it, Doyon is offering this service at no cost for two years to individuals who personal information is known to potentially be affected, which goes above and beyond most states’ requests. Doyon has also provided notified individuals with recommendations and a guide for contacting the credit reporting agencies to initiate a fraud alert or a security freeze, and steps on how to report incidents of fraud and identity theft to the Federal Trade Commission, and information about reporting to law enforcement.
Q: Why has it taken so long to notify me?
A: Doyon immediately notified law enforcement officials and launched an investigation into the incident. With the help of outside counsel and incident response experts, Doyon underlook a complicated process of working to identify people who personal information may have been affected and who requested notice under applicable law. Doyon takes your privacy seriously and takes its responsibility to protect your privacy seriously. Doyon apologizes for whatever inconvenience this incident may cause you and wants to be sure that you are aware of the credit monitoring service and advice described in the letter you received.
Q: I did not receive a letter notifying me to call Kroll or that my information was breached. What can you tell me?
A: Our outside incident response consultant Kroll sent or is sending notification letters to individuals if Doyon determined that their Personal Information or Protected Health Information may have been affected by the incident, in accordance with legal requirements. If individuals do not receive a letter from Kroll, Doyon has not concluded that their Personal Information or Protected Health Information may have been compromised.
Update July 2, 2025
Last month, Doyon shared information about a data security incident our company experienced in April 2024. In an effect to continue communication about this incident, we would like to answer some Frequently Asked Questions about the event, Doyon's response, and what we're doing to assist affected individuals.
Q: What happened?
A: In April 2024, Doyon was targeted by a criminal hacker utilizing sophisticated cyberattack tools. Since the incident, Doyon has worked with law enforcement and undertaken a thorough investigation. Doyon has also taken steps to enhance network security and take additional security measures. With the help of Kroll, an outside incident response consultant, Doyon is notifying individuals who personal information was identified as potentially being affected and offering them the ability to sign up for free credit monitoring to protect against identity theft.
Q: I received a letter in the mail. Is this fraud, a scam, or a real incident?
A: A letter on Doyon, Limited letterhead was issued to individuals who were identified as having personal information potentially affected in response to a real data security incident. We encourage those potentially affected to take advantage of the identity monitoring services offered.
The letter received is specific to each individual recipient, and those individuals need to contact Kroll if they want to enter into credit monitoring services. If you have questions about how to enroll, please call Kroll.
Q: What services am I being offered?
A: Doyon has been offered free credit monitoring implemented through a third-party consultant to individuals who personal information was identified as being potentially affected by the incident. Although not every state requests it, Doyon is offering this service at no cost for two years to individuals who personal information is known to potentially be affected, which goes above and beyond most states’ requests. Doyon has also provided notified individuals with recommendations and a guide for contacting the credit reporting agencies to initiate a fraud alert or a security freeze, and steps on how to report incidents of fraud and identity theft to the Federal Trade Commission, and information about reporting to law enforcement.
Q: Why has it taken so long to notify me?
A: Doyon immediately notified law enforcement officials and launched an investigation into the incident. With the help of outside counsel and incident response experts, Doyon underlook a complicated process of working to identify people who personal information may have been affected and who requested notice under applicable law. Doyon takes your privacy seriously and takes its responsibility to protect your privacy seriously. Doyon apologizes for whatever inconvenience this incident may cause you and wants to be sure that you are aware of the credit monitoring service and advice described in the letter you received.
Q: I did not receive a letter notifying me to call Kroll or that my information was breached. What can you tell me?
A: Our outside incident response consultant Kroll sent or is sending notification letters to individuals if Doyon determined that their Personal Information or Protected Health Information may have been affected by the incident, in accordance with legal requirements. If individuals do not receive a letter from Kroll, Doyon has not concluded that their Personal Information or Protected Health Information may have been compromised.