Transcend Capital reports that its data server in Austin Texas was hacked during the week of August 20th. The compromised server held clients’ name, physical and e-mail addresses, Social Security numbers, telephone numbers, security positions and cash positions.
In a notification to the California Attorney General’s Office, James Kupfer, Chief Compliance Officer, notes that the firm has “no reason to believe any client data was accessed” and that it seems “unlikely” that data was accessed. The firm has notified all clients, however, and offered them a free credit monitoring service. In notifying clients, Transcend writes that they have “specific reason to believe” that the clients’ data were not accessed, but they do not indicate what that specific reason was.
It’s not clear from the notification whether their belief that no data were accessed or are likely to have been accessed is based solely on internal review or involved outside forensic investigators. There is also no specific mention of encryption in their notification, and the steps they outline for preventing future occurrences also make no mention of encryption. Transcend Capital has not yet responded to an inquiry sent to them seeking clarification on these points.