Income and Capital Growth Strategies Inc. is notifying clients of a hack that occurred between July 12 and July 15 of this year. The breach was discovered on July 15. In their notification letter dated August 8, Doug Thorburn, the principal of the firm, writes:
We have recently discovered unauthorized access to our computer network by unknown person or persons. While the only losses so far are to Doug Thorburn personally (and we believe Doug Thorburn was the target), it is possible personal information about you and your dependents including your name, address, social security number, birthdate, driver’s license number and bank account information (for those who use direct deposit for tax refunds) was obtained.
The breech [sic] occurred on or about July 12-15, 2013. We do not know how the breech [sic] occurred. This notification was delayed because law enforcement personnel asked that we delay notification due to the ongoing investigation.
We are disclosing this possible breach even though we do not believe it is reasonable to assume that any unauthorized people actually accessed your information. Regardless, we are following up with law enforcement detectives and doing everything to ensure this never happens again.
The letter does not indicate whether the firm brought in forensics experts to determine whether client data may have been accessed. Nor does the firm offer any credit monitoring services, but asks clients to call them if they become victims of ID theft.