In December 2024, JSP International Group Ltd. experienced a data breach where unauthorized third parties accessed private consumer information between December 26 and December 28. The compromised data included names, Social Security numbers, driver’s license/government ID numbers, medical and health insurance details, and financial account information. The breach led to a class action lawsuit, alleging the company failed to adequately safeguard sensitive data. Affected individuals could claim up to $3,300 for ordinary and extraordinary losses, including out-of-pocket expenses (e.g., bank fees, credit monitoring costs) and documented identity theft or fraud. The settlement fund ranged from $50,000 to $100,000 for class member payments, alongside two years of credit monitoring. The incident exposed customers to financial fraud, identity theft, and reputational harm, with potential long-term consequences for trust in the company’s data security practices.
Source: https://www.claimdepot.com/settlements/jsp-data-settlement
TPRM report: https://www.rankiteo.com/company/jsp
"id": "jsp0692506102825",
"linkid": "jsp",
"type": "Breach",
"date": "12/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'All individuals whose private '
'information was identified as '
'potentially accessed or '
'compromised (exact number '
'unspecified)',
'name': 'JSP International Group Ltd.',
'type': 'Corporation'}],
'customer_advisories': {'claim_deadline': '2025-12-01',
'credit_monitoring_instructions': 'Emailed '
'post-settlement '
'finalization',
'exclusion_deadline': '2025-12-01',
'fairness_hearing': '2026-01-07',
'payout_options': ['PayPal',
'Venmo',
'Zelle',
'Virtual prepaid card',
'Paper check']},
'data_breach': {'data_exfiltration': 'Likely (unauthorized access confirmed)',
'personally_identifiable_information': ['Names',
'Social Security '
'numbers',
'Driver’s license '
'numbers',
'Government ID '
'numbers'],
'sensitivity_of_data': 'High (includes SSNs, medical, and '
'financial data)',
'type_of_data_compromised': ['Personally Identifiable '
'Information (PII)',
'Protected Health Information '
'(PHI)',
'Financial Information']},
'date_detected': '2024-12-26',
'description': 'JSP International Group Ltd. experienced a data security '
'incident between December 26 and December 28, 2024, where '
'unauthorized third parties accessed private information. The '
'breach led to a class action lawsuit alleging failure to '
'adequately safeguard sensitive data, including names, Social '
'Security numbers, driver’s license numbers, medical '
'information, health insurance details, and financial account '
'information. A settlement was reached, offering affected '
'individuals compensation of up to $3,300 for documented '
'losses, credit monitoring, and other remedies.',
'impact': {'brand_reputation_impact': 'Settlement to mitigate reputational '
'damage',
'customer_complaints': 'Class action lawsuit filed',
'data_compromised': ['Names',
'Social Security numbers',
'Driver’s license or government '
'identification numbers',
'Medical information',
'Health insurance information',
'Financial account information'],
'financial_loss': {'attorneys_fees': 'Up to $100,000',
'business_practice_changes_cost': '$330,000 '
'(estimated)',
'credit_monitoring_cost': 'Two years of '
'three-bureau credit '
'monitoring with '
'identity theft '
'insurance',
'extraordinary_losses': 'Up to $3,000 per '
'claimant (documented '
'identity theft or '
'fraud)',
'ordinary_losses': 'Up to $300 per claimant '
'(e.g., bank fees, credit '
'monitoring costs, time '
'spent)',
'service_award': 'Up to $2,500 (class '
'representative)',
'settlement_fund_max': '$100,000',
'settlement_fund_min': '$50,000'},
'identity_theft_risk': 'High (documented cases eligible for '
'extraordinary losses)',
'legal_liabilities': 'Class action lawsuit settled; no admission '
'of wrongdoing',
'payment_information_risk': 'Financial account information '
'compromised'},
'investigation_status': 'Settled (class action lawsuit resolved)',
'post_incident_analysis': {'corrective_actions': 'Business practice changes '
'(estimated $330,000); '
'settlement benefits for '
'affected individuals',
'root_causes': 'Alleged failure to properly secure '
'and safeguard private information'},
'references': [{'source': 'Class Action Settlement Notice'}],
'regulatory_compliance': {'legal_actions': 'Class action lawsuit settled (no '
'admission of wrongdoing)'},
'response': {'communication_strategy': 'Class action settlement notices sent '
'to affected individuals; online and '
'mail-in claim forms provided',
'recovery_measures': 'Compensation for affected individuals, '
'credit monitoring services',
'remediation_measures': 'Settlement agreement including business '
'practice changes (estimated $330,000)'},
'stakeholder_advisories': 'Settlement administrator: JSP Incident Settlement, '
'1650 Arch St., Suite 2210, Philadelphia, PA 19103',
'threat_actor': 'Unauthorized third parties',
'title': 'JSP International Group Data Breach (December 2024)',
'type': 'Data Breach'}