Skip to main content
Stericycle - Go to home page
Blog     Corporate     August 2020     Notice of Data Security Incident
31 August, 2020

Notice of Data Security Incident

Stericycle recently conducted an investigation, with the assistance of a leading cybersecurity firm, into email phishing attempts targeting Stericycle employees.

Our investigation revealed that some of these email accounts containing personal information appear to have been accessed without authorization. We have no evidence that any email message containing personal information was viewed or misused in any way. In addition to launching an investigation, we secured each impacted employee email account, and continue to monitor for suspicious activity.

The dates of potential unauthorized access varied by email account, but the overall period of unauthorized access to the email accounts was between October 2019 and April 2020. 

The types of personal information contained in the email accounts varied by individual. In general, a limited number of emails contained in the impacted accounts may have included personal information including: Name, Social Security Number, Tax ID Number, Driver’s License Number, Passport Number, other government identification numbers, financial account/payment card account number, medical or health insurance information.

The protection of personal information is among Stericycle’s highest priorities. We utilize robust measures to protect personal information. These measures are reviewed and frequently updated, as appropriate, by our internal Information Technology team and external experts that support us. We strive to continually improve our data security and maintain a secure environment for personal information. 

As an added precaution, we are providing potentially affected individuals with access to 24 months of identity protection services at no cost. We have mailed written notifications, as appropriate, to potentially impacted individuals for whom we had valid contact information.

We have established a dedicated call center to answer questions related to this event. If you believe that your personal information may have been affected by this incident and you have not received written notification, please call:

Within the United States: (833) 431-1281

Outside the United States: +1 (971) 350-1531

Posted by