Enova International may not be the biggest name in the financial services space, but it serves as the perfect example of how even relatively smaller players can have a massive impact when something goes wrong.
In July 2022, the company’s small business lending department suffered a data breach as a result of an online hack attempt, resulting in the exposure of the personal information of approximately 60,000 customers.
Have You Been Affected by a Major Data Breach?
If the Enova data breach impacted you directly or you have otherwise suffered as a result of a breach, our attorneys are standing by to help. We work with clients to ensure that they never face significant losses without restitution and that those responsible for security breaches are held to account.
With experience spanning individual legal cases, class action lawsuits, and direct involvement with regulatory agencies, we strive to ensure our clients are always protected.
Even if you’re unsure of the nature of your case and the process you need to follow to put things right, our team is standing by to help bring clarity to the situation. Best of all, we offer a completely free, no-obligation initial consultation, so contact the Bell Law, LLC offices today to find out precisely how we can help at 816-281-0649.
Who Are Enova International?
Enova International is a Chicago corporation and one of a new breed of financial services companies in the fintech space, seeking to utilize the latest technology to provide many similar services to those of traditional banks.
Enova uses its proprietary Colossus platform to harness the power of artificial intelligence and machine learning to provide financial services to non-prime individuals and businesses. As well as working directly with consumers, it also provides access to its technology to other institutions, enabling them to make lending decisions and create financial relationships based on information beyond the scope of a conventional credit score.
Understanding Enova International Security Breaches
As noted, the most recent Enova security breach saw information belonging to over 60,000 corporate customers being stolen as part of an intentional hack on the company’s servers.
The breach indicates the challenges that all companies face in terms of data security. Even a fintech brand with over 1,500 people employed, with many presumably highly tech-literate, cannot underestimate the risk involved in holding customer data and the responsibility for active compliance.
When a technology-focused operation can face such issues, it means that any business can suffer from hacks and other types of security breaches. For businesses and consumers, that makes it all the more important to monitor and review the data shared with organizations constantly.
Unfortunately, there is often only so much that individuals and businesses across the country can do. Brands like Enova International have a right to handle a copy of certain data in order to inform their lending decisions. However, it is up to them to live up to the terms and conditions of operations laid down in law, just as they expect their customers to observe theirs. Once it is in their hands, it becomes their responsibility to ensure that the records attached to each account are encrypted and protected across their network, preventing any kind of unauthorized access.
Naturally, fintech providers are not alone in handling sensitive personal data. Suppose you read books on an electronic device, sign up for newsletters, or hold a loyalty card with no specific financial incentive. In that case, you choose to share at least some personal information with a third party.
If their network security is not up to scratch, or there are failures in their compliance and risk assessment policies, your personal information could be vulnerable.
Law enforcement agencies take such vulnerabilities very seriously. If you have suffered any financial loss or emotional distress as a result of one of these third parties suffering a security breach, you have the right to do something about it.
Such security breaches can quickly become a legal matter. As such, you should seek out skilled and experienced legal expertise to ensure your case not only has legal merit but that you have someone on your side that will always work in your best interests – even in the face of the largest corporations.
When you work with a data breach attorney from Bell Law, LLC, you always have someone on your side that will work tirelessly to ensure you get what you deserve. Whether you are ready to file or exploring your options, you can speak to us at your convenience with no commitment or initial fee at 816-888-8206.
Enova International’s Other Issues
2022’s date brach at Enova International was not the first time that the company has drawn attention for the wrong reasons. The brand’s parent company, Cash America International, was ordered to refund customers to the tune of $14 million in 2013 for utilizing the practice of robo-signing on court documents throughout numerous debt-collection lawsuits.
In the same investigation, the company was found to have violated the Military Lending Act by charging servicemembers and their families more than they were legally entitled to do so.
In 2014, another brand under the Cash America International umbrella, Credit Payment Services, faced a class action lawsuit for harassing marketing practices.
Enova International again fell foul of the Consumer Financial Protection Bureau (CFPB) in 2019, when it was ordered to pay a civil money penalty of $3.2 million while also being prohibited from automatically initiating electronic payments without a valid consent order.
The case stemmed from Enova’s failure to abide by loan extensions granted to customers while also regularly debiting money from personal accounts without permission.
Frequently Asked Questions
Data breaches are more common than many are led to believe. There were more than 4,000 publicly disclosed breaches in 2022, and that goes without considering breaches that were ignored, never identified, or potentially even covered up.
In September, the same individual reportedly caused data breaches at both video game studio Rockstar and ridesharing brand Uber. In both cases, the attacker reportedly gained access not to identify and acquire personal records but instead to acquire game files and to alter Uber’s internal systems.
Nelnet Servicing, a company responsible for the servicing of student loans, suffered a data breach in June that led to the leaking of names, addresses, phone numbers, and social security numbers of over 2.5 million users. Meanwhile, a breach at financial services company Revolut led to the exposure of sensitive information belonging to over 50,000 users.
Towards the end of the year, relatively large companies, including LastPass, Air Asia, Shein, Toyota, and Dropbox, all suffered further data breaches.
The unenviable title for the biggest data breach in history belongs to Yahoo. The severity of the breach is largely attributed to its length. The breach went undetected and unaddressed between 2013 and 2016 and reportedly affected up to three billion user accounts.
This most major data breach was orchestrated by a Canadian and a Latvian in the employ of Russia’s Federal Security Service. Many of the targets were Russian nationals, but the operation extended to influential individuals across the US, UK, and mainland Europe.
The breach ultimately resulted in a class-action lawsuit. Yahoo created a settlement fund of $117,500,000 as part of their agreement, used for compensation to service users in the US and Israel. Victims were able to use their share as payment to monitor their credit records for up to two years or as a cash settlement of up to $358.80.
Speak to a Data Breach Lawyer From Bell Law, LLC Today
If you have suffered as a result of the Enova International data breach and wish to take action against the firm, the lawyers from Bell Law, LLC are standing by to help.
Whether you have already collated a portfolio of evidence on which to base your case, or you simply need advice and guidance on whether you have a case at all, our team will work with you to ensure that your rights are respected and that all parties know precisely where they stand.
It is the company’s responsibility to ensure compliance, meaning that any sensitive information held on customers and clients, whether on paper or on servers, is encrypted across their network servers. It is also up to them to manage risk, even down to the basics such as applying recommended software updates. Any failure to do so may be considered negligent, and we will help you exercise your rights and receive the redress you deserve.
We invite prospective clients to reach out by phone initially. However, our attorneys are happy to meet at a place of your choosing to discuss the case in more detail and to talk about the procedures involved in gaining rightful compensation.
So, if you feel like unauthorized third parties may have gained access to your data stored with Enova as a result of an attack, do not hesitate to call us today to request further information and to initiate a review of your case. Contact us at 816-281-0649.
