On July 9, 2023, Quikcard discovered that an unauthorized third party gained access to a portion of its IT infrastructure and deployed malware which encrypted certain areas of its systems and data. Quikcard immediately deployed countermeasures to secure its network and data from further unauthorized access. Quikcard also engaged third-party cybersecurity experts to assist in containing and recovering from this incident. Fortunately, Quikcard was able to recover its affected systems and data from backup versions.
Quikcard discovered that its systems were impacted by malware on July 9, 2023. However, it wasn’t until July 31, 2023 that Quikcard received validation of the scope of potentially affected individuals and organizations.
If you received a letter from Quikcard, it’s because your information was identified as having been impacted by this incident.
We worked hard to notify all affected individuals as quickly as possible. While the unauthorized intrusion into its network was discovered on July 9, it wasn’t until July 26, 2023, that Quikcard became aware of the potential scope affected individuals and organizations. This was validated with forensic evidence on July 31, 2023. At that point, Quikcard set about crafting a notification plan to ensure that important information was delivered to those impacted as quickly and as effectively as possible.
Based on Quikcard’s investigation, the information involved in this incident varies depending on your relationship with Quikcard. The letter you received from Quikcard should provide the types of information about you or your organization determined to have been involved in this incident. If you did not receive a letter but believe you may be impacted, we encourage you to visit Quikcard’s incident webpage, to confirm whether you identify with any of the impacted groups and, if so, to learn about the types of information about you or your organization which were affected.
Quikcard has taken steps to ensure that any personal or corporate information which was accessed or copied from its systems as a result of this incident has been deleted and protected against fraudulent misuse.
After gaining access to Quikcard’s IT infrastructure, the unauthorized third party accessed and copied information before deploying the malware which encrypted certain systems and data on the network. If your information was involved in this incident, it means that it was accessed or copied by the unauthorized third party. It may have been encrypted by malware on Quikcard’s systems as well, but not necessarily.
If your spouse did not receive a letter from Quikcard regarding this incident we encourage them to visit Quikcard’s incident webpage, to confirm whether they identify with any of the impacted groups and, if so, to learn about the types of information about them which were affected.
Quikcard has security measures in place that allow it to take prompt action against attempted intrusions into its network. Those measures were implemented here. However, incidents of this nature are not always preventable. As the investigation unfolds, Quikcard will continue working with its third-party cybersecurity experts to understand how the incident occurred and how it can further improve its security measures moving forward
Fortunately, Quikcard was able to recover the affected systems and data relatively quickly with only minimal data loss and disruption to its operations. Quikcard worked closely with its cybersecurity experts to restore operations in as secure a manner as possible.
The forensic investigation into this incident is ongoing including the assessment of root cause.
As this matter is under active investigation, we are unable to provide details of that nature.
Moving Forward
Quikcard has taken steps to ensure that any personal or corporate information which was accessed or copied from its systems as a result of this incident has been deleted and protected against fraudulent misuse and has no evidence at this point to suggest any misuse has taken place.
Law enforcement has been notified of this incident and Quikcard is cooperating fully with those authorities.
Quikcard takes the protection of your information very seriously.
Quikcard has taken steps to ensure that any personal or corporate information which was accessed or copied from its systems as a result of this incident has been deleted and protected against fraudulent misuse. In addition, Quikcard is working with third-party cybersecurity experts to complete a comprehensive investigation and has implemented enhanced security safeguards to prevent against an incident of this nature from occurring in future.
Quikcard’s systems are being monitored 24/7 and to date, there has been no evidence of any ongoing unauthorized activity within the network.
Quikcard anticipates that it may take up to several more weeks before the comprehensive investigation is complete. Quikcard elected to notify impacted individuals and organizations as soon as possible, rather than wait for the investigation to be fully completed.
Identity Theft Concerns
There are a variety of steps you can take. The notification letter you received from Quikcard contains helpful information and resources you can utilize to help protect yourself against threats like identity theft and fraud. If at any time you believe you are a victim of identity theft or financial fraud, we recommend you contact your financial institution and local law enforcement to file a report.
Quikcard takes the protection of your information very seriously.
In addition to notifying all impacted individuals and organizations as soon as possible, Quikcard has reported the incident to law enforcement and appropriate regulatory bodies. The letter you received also includes helpful information about steps you can take to further protect yourself and your information should you wish to do so.
If your personal banking information was involved in this incident, you should have received a letter from Quikcard with details for enrolling in the complimentary credit monitoring and identity protection services offered to you. Individuals whose banking information was not involved are not being offered credit monitoring services as the types of information impacted are not sufficient to commit harms such as identity theft or financial fraud.
Quikcard takes the protection of your information very seriously and sincerely regrets that this incident occurred as well as any distress it may have caused you. Quikcard worked hard to notify all impacted individuals and organizations as quickly as possible and to provide everyone with information and tools they can use to further protect themselves should they wish to do so. In addition to that, Quikcard took steps to ensure that any personal or corporate information which was accessed or copied from its systems as a result of this incident has been deleted and protected against fraudulent misuse.
Quikcard has taken steps to ensure that any personal or corporate information which was accessed or copied from its systems as a result of this incident has been deleted and protected against fraudulent misuse. That said, if you have reason to believe you have or will be the target of criminal activity, we recommend that you report the matter to your local law enforcement.
The information involved in this incident is unlikely to be sufficient to commit a serious offence such as identity theft. In addition, Quikcard has taken steps to ensure that any personal or corporate information which was accessed or copied from its systems as a result of this incident has been deleted and protected against fraudulent misuse. In the unlikely event you are subject to an identity theft, we recommend you report the matter to your financial institution and local law enforcement immediately. If you received complimentary credit monitoring services through Quikcard as a result of your personal banking information having been impacted in this incident, there are services available to you through that product, including a fraud specialist and insurance coverage to help you recover your identity.
