DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

LPL Financial notifying advisors after Capital Forensics, Inc. was hacked

Posted on November 12, 2018 by Dissent

LPL Financial has sent a notification about a third-party hack that was shared with DataBreaches.net by a reader. The hack involving Capital Forensics, Inc. has reportedly affected a number of that vendor’s clients (but not all clients).

From their November 9th notification to advisors, LPL writes:

*What Happened*
LPL works with a firm called Capital Forensics, Inc. (CFI) on a limited basis in support of document production and data analysis efforts. On November 1, an unauthorized person accessed a third party file-sharing system that CFI uses with its customers, including LPL. The unauthorized person appears to have gained access to data files containing personally identifiable information, including investor names, addresses, social security numbers, and account numbers.

*What We Are Doing to Protect Affected Investors*
To protect impacted investors, we have implemented internal procedures that will provide heightened monitoring of their accounts to help prevent fraudulent activity. We have also worked with the vendor to provide credit monitoring and identity protection service at no charge for any impacted investor. We’ll also be mailing a letter to impacted investors regarding this incident.

DataBreaches.net emailed an inquiry to CFI earlier this morning, but has received no response by publication time.  The inquiry asked how the attack occurred, how many people had their personal or financial information accessed or acquired, and whether there was any extortion or ransom demand as part of the incident.

This post will be updated if CFI responds or more information becomes available. It appears that RIABiz did get some statement from CFI last week. They report:

The hack was discovered four hours after it began, and it was sealed within six, says a Capital Forensics spokesman, in a prepared statement, via email. “All affected clients have been notified, and we’re working closely with them to remediate this matter … we’re conducting a thorough investigation and taking steps to further protect all our clients.”

Related posts:

  • LPL Financial reports theft of computers
  • Forbes Breach Email Statistics
  • TeamGhostShell posts “master list” of 548 leaks (so far)
  • A further 512 websites hacked and defaced by HaX.R00T
Category: Breach IncidentsHackSubcontractor

Post navigation

← Iranian hackers suspected in cyber breach and extortion attempt on Navy shipbuilder Austal
UK: Six month prison sentence for motor industry employee in first ICO Computer Misuse Act prosecution →

2 thoughts on “LPL Financial notifying advisors after Capital Forensics, Inc. was hacked”

  1. William Lencioni says:
    November 22, 2018 at 8:35 am

    LPL is not working closely with us. We got letters and really nothing else, not even a phone number at LPL to call. They want to turn people over to the company they are offering protection from. I expect a representative from LPL to be accountable and part of all this . I left a voice message for Gerald F. Spada at LPL. So far no response. If LPL continues to want to take the easy way out I hope you can help or some governmental agency will help to get them to stand up and take an active role in protecting their customers. We have not been a customer for over three years and were shocked to learn they did not wipe us clean from their data base. Another question that LPL needs to answer!

  2. Richard Cook says:
    November 22, 2018 at 2:15 pm

    I agree with the lack of attention LPL is providing. All Clear Fraud protection does not receive glowing stars as a protection gift from LPL. Premium Life Lock protection should be the first choice. Next we have all the management fees we pay. What did we pay for? They allowed a third party, Capital Forensics into our files. What portion of the management fees allowed Capital in? Did I give permission for them to see my so called secure files? Not Happy! Somebody got my and my wife’s Social Security .My advisor may loose our account do to the breach.

Comments are closed.

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Swiss Health Foundation Radix Hit by Cyberattack Affecting Federal Data
  • Russian hackers get 7 and 5 years in prison for large-scale cyber attacks with ransomware, over 60 million euros in bitcoins seized
  • Bolton Walk-In Clinic patient data leak locked down (finally!)
  • 50 Customers of French Bank Hit by Insider SIM Swap Scam
  • Ontario health agency atHome ordered to inform 200,000 patients of March data breach
  • Fact-Checking Claims By Cybernews: The 16 Billion Record Data Breach That Wasn’t
  • Horizon Healthcare RCM discloses ransomware attack in December
  • Disgruntled IT Worker Jailed for Cyber Attack, Huddersfield
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The Trump administration is building a national citizenship data system
  • Supreme Court Decision on Age Verification Tramples Free Speech and Undermines Privacy
  • New Jersey Issues Draft Privacy Regulations: The New
  • Hacker helped kill FBI sources, witnesses in El Chapo case, according to watchdog report
  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.