Our businesses collect, store, use, disclose, process and transfer (collectively, "process") a wide variety of information, including personally identifiable information, for various purposes, including to help ensure the integrity of their services and to provide features and functionality to their customers and POS partners. The processing of the information they acquire in connection with their customers' and POS partners' use of their services is subject to numerous privacy, data protection, cybersecurity, and other laws and regulations. The automated nature of their businesses and their reliance on digital technologies may make them an attractive target for, and potentially vulnerable to, cyber-attacks, computer malware, computer viruses, social engineering (including phishing and ransomware attacks), general hacking, physical or electronic break-ins, or similar disruptions. While they and their vendors have taken steps to protect the confidential, proprietary, and sensitive information to which they have access and to prevent data loss, their security measures or those of their vendors could be breached, including as a result of employee theft, exfiltration, misuse or malfeasance, their actions, omissions, or errors, third-party actions, omissions or errors, unintentional events, or deliberate attacks by cyber criminals, any of which may result in the loss of, or unauthorized access to, their or their customers' data, their intellectual property, or other confidential, proprietary, or sensitive business information. Any accidental or willful security breaches or other unauthorized access to their platforms or servicing systems may cause confidential, proprietary, or sensitive information to be stolen and used for criminal or other unauthorized purposes. Security breaches or unauthorized access to confidential information may also expose our businesses to liability related to the loss of the information, time-consuming and expensive litigation and government investigations, enforcement actions and negative publicity. If security measures are breached for any of these reasons, the relationships our businesses have with their customers may be damaged, and significant liability could be incurred. Although we work hard to detect security breaches or instances of unauthorized access to confidential information, there is no guarantee that our monitoring efforts will be effective.
The techniques used to obtain unauthorized, improper, or illegal access to our information technology systems are constantly evolving, may be difficult to detect quickly, and may not be recognized until after they have been launched. Unauthorized parties have in the past attempted and may in the future attempt to gain access to our information technology security systems through various means, including, among others, hacking into our or their POS partners' or customers' systems or facilities, or attempting to fraudulently induce employees, POS partners, customers or others into disclosing usernames, passwords, or other sensitive information, which may in turn be used to access systems and gain access to confidential, proprietary, or sensitive information. Such efforts may be state-sponsored and supported by significant financial and technological resources (such as evolving artificial intelligence tools), making them even more difficult to detect and prevent. As a result, there can be no assurance that the protections deployed by us will always be successful.
For example, as we have previously disclosed, in September 2023, Progressive Leasing experienced a cybersecurity incident affecting certain of its systems. While there was no major operational impact to any of Progressive Leasing's services as a result of the incident, and our other subsidiaries were not impacted, this incident, as well as any other breach of our systems or facilities, or those of our other businesses, may continue to result in the risks discussed herein.
Any actual or perceived failure to comply with legal and regulatory requirements applicable to our businesses, including those relating to information security, or any failure to protect the information that our businesses collect from their customers and POS partners, including personally identifiable information, may result in, among other things, regulatory or governmental investigations, administrative enforcement actions, sanctions, criminal liability, private litigation, civil liability and constraints on our ability to continue to operate.
Furthermore, federal and state regulators and many federal and state laws and regulations require notice of any data security breaches that involve personal information. These mandatory disclosures regarding a security breach are costly to implement and often lead to widespread negative publicity, which may cause consumers to lose confidence in the effectiveness of our data security measures. Any security breach suffered by us or our vendors, any unauthorized, accidental, or unlawful access or loss of data, or the perception that any such event has occurred, may result in a disruption to our operations, litigation, an obligation to notify regulators and affected individuals, the triggering of indemnification and other contractual obligations, regulatory investigations, government fines and penalties, reputational damage, and loss of customers and ecosystem partners, and our business may be materially and adversely affected.
In addition, we may incur significant costs and operational consequences in connection with investigating, mitigating, remediating, eliminating, and putting in place additional tools and devices designed to prevent future actual or perceived security incidents, as well as in connection with complying with any notification or other obligations resulting from any security incidents. Our insurance policies carry retention and coverage limits, which may not be adequate to reimburse us for losses caused by security breaches, and we may not be able to collect fully, if at all, under these insurance policies. The successful assertion of one or more large claims against us that exceed available insurance coverage, or the occurrence of changes in our insurance policies, including premium increases or the imposition of large deductible or co-insurance requirements, may adversely affect our businesses. Furthermore, we cannot be certain that insurance coverage will continue to be available on acceptable terms or at all, or that the insurer will not deny coverage as to any future claim, including claims related to the cybersecurity incident experienced by Progressive Leasing discussed above. Reduced confidence and participation in our platforms and our data security measures may also adversely affect customers' willingness to perform their obligations under their lease or loan, as the case may be, which could result in reduced collections.