LPL Financial underwent a data breach due to the attack on their third-party platform, Capital Forensics. As investigations are still occurring, details of what happened are still being sorted out.
The breach occurred on November 1st, 2018 and was contained within six hours of its existence. Personal information of LPL advisors’ clients was exposed in that brief moment.
Capital Forensics released a statement which had no more than a few sentences, stating that a small number of clients were impacted by the exposure. There was no indication of exactly how many records were affected by this attack.
All affected clients of this data breach will be notified by Capital Forensics. A vendor system that the company uses that may have been the point of vulnerability, but they refused to be publicly announced.
“Part of the benefit of publicizing data breaches is that it gives others an opportunity to look at their own systems. It gives others an opportunity to try to get ahead of other breaches,” Sharron Ash said who handles issues on litigations. “The more information we all know about these breaches, the more firms can protect themselves and protect their customers from future breaches.”
By being transparent about a data breach may help other institutions check if they have similar vulnerabilities that they can resolve before experiencing the same exposure.
Capital Forensics provides data analysis, expert testimony, litigation support and regulatory consulting for a range of clients in financial services, including other broker/dealers, banks, insurance companies and registered investment advisors.
How a firm handles a breach can impact how other industries, as well as customers, view the company.
After Target’s 2013 data breach, “how many folks do you know that no longer really want to pull out their creit card at Target?” asked Ash, making a point that these incident do impact us all.
The company was relieved that none of their systems were compromised, and they took immediate steps to remove LPL data from the shared system used by Capital Forensics. As the investigations continue, more clarity of what occurred will be brought to light.
In a statement, LPL noted that they “immediately implemented procedures to protect our financial advisors and their investor clients” upon learning of the breach.
Breaches in the banking, credit and financial sector are becoming more common, according to nonprofit Identity Theft Resource Center. The organization identified 134 breaches in 2017, up from 51 the year prior. Hackers produced the majority of last year’s breaches across all sectors, but there were still over 110 incidents of breaches that occurred as a result of subcontractors or third parties. Last month alone there were five breaches that had occurred in the banking, credit and financial sector, according to the organization.
The breach should be a wake-up call for advisors, said Cox. “It highlights for advisors the importance of protecting information, because we take for granted that the information is secure. We do everything we can to make sure of it.”
If you were impacted by this data breach, LPL Financial is offering free protection services.
Original Article Found Here.