top of page
  • April M Strauss

EMC National Life Company: Unauthorized Network Access Reported

Updated: Apr 26, 2022

fingerless gloved hands on a laptop keyboard in a darkened background

On April 8, 2022, EMC National Life Company (“EMC” or “Life Company”) reported a security incident through California’s data breach reporting system. According to the report, customer personal information was acquired from its network between December 28 – December 30, 2021. EMC discovered the intrusion, approximately 2 months later, on March 9, 2022. Personal information that may have been acquired includes:

• Full Name

And one or more of the following:

• Social Security numbers

• Taxpayer identification numbers

• Driver’s license numbers

• Financial Account Information

• Payment Card Information

• Date of Birth

• Medical Information

EMC has stated that they are not aware of any reports of identity fraud or improper use of any information as a direct result of this incident.

A link to EMC Notice of Data Breach posted by the State of California can be found here.

Is credit monitoring being offered?

Yes, EMC is offering one year of complimentary credit monitoring through Experian’s IdentityWorksSM Credit 3B.

To read more about the EMC Notice, click here

California Laws Protect Data Breach Victims

California residents who received a EMC Data Breach Notice may be entitled to between $100 and $1,000 or their actual damages, whichever is greater. ¹

The California Customer Records Act (CCRA) requires businesses to put into place and maintain reasonable security procedures and practices that protect a consumer’s personal information. More comprehensively, the California Consumer Privacy Act (CCPA) contains many protections for the personal information of California residents. And the California Confidentiality of Medical Information Act (CMIA) requires that varies entities who maintain medical information do so in a manner that preserves its confidentiality.

Participants in data breach lawsuits can recover damages, injunctive relief (to make sure that the business has reasonable security practices to protect consumer data from being leaked again) and anything else a court concludes is necessary to compensate data breach victims and prevent these harms from reoccurring.

A team of experienced attorneys is currently investigating whether EMC violated its obligation to maintain reasonable security procedures and practices to protect its customers’ personal information. To contact someone on our team, click here.


I received a notification from a company claiming to be EMC National Life, but the return address says “Return Mail Processing Center.” Is this legit?

That is the return address on the official EMC Notice on record with the California data breach reporting system. Specifically, the return address on the Notice is:

Return Mail Processing Center P.O. Box 6336 Portland, OR 97228-6336

Generally, if you have any concerns about the legitimacy of a data breach notice you receive, you can often compare it to the document recorded with state authorities online to confirm its authenticity, or contact the company who issued the notice using independent contact information.

How do I know if my identity has been stolen?

What steps can I take to safeguard my data from cyber-thieves?

What Is The Difference Between A “Credit Freeze” and A “Fraud Alert”?

What do I do if I think I am the victim of identity theft?

We Can Help You Exercise Your Rights

Every case is unique. Even when your data has been part of a breach, you may not necessarily be awarded compensation. Experienced data breach class action attorneys can help you exercise your rights and evaluate your options and decide whether you are entitled to compensation under the CCPA or CMIA. There are no out of pocket costs to you, as we only get paid if we prevail.

For more information on your legal options, please contact us using the form found here

Inquiries are Confidential • No Cost • No obligation

Links on this website are not intended to be referrals to or endorsements of the linked entities or imply any relationship to the linked site or its operator.


Commenting has been turned off.
bottom of page