- The Charpentier Wealth Strategies office belonging to the Lincoln Financial Advisors has announced a data breach.
- Apparently, an unknown person is holding a disk drive that contains sensitive client information.
- The exposed data includes full names, addresses, social security numbers, and bank account information.
“Lincoln Financial Advisors,” or Lincoln, has disclosed a data breach that has resulted in the exposure of sensitive personal and financial details of its clients. The security incident was discovered by the Pennsylvania-based company on March 19, 2020, after the firm learned that an unknown third-party was in possession of a hard disk drive containing their client data. The drive may come from the Charpentier Wealth Strategies office in Bakersfield, California, but the company cannot be certain about it. If you did business with the insurance brokers, chances are you have been affected by the disclosed breach.
The information that has potentially been leaked now includes the following:
- Full names
- Home and/or business addresses
- Social Security numbers
- Dates of Birth
- Bank Account information
- Driver’s License number
- Financial Account number
It is not clear what the bank account information would include, but there may be checking numbers, routing transit numbers, and other sensitive data in it. For this reason, Lincoln has arranged the provision of a one-year membership in Kroll’s identity monitoring and protection services, so the recipients of these notices are encouraged to enlist before July 15, 2020. To do it, visit this webpage and enter the membership number that has been provided in the message that you received from Lincoln. Alternatively, call “1-844-263-8605.” If you have any other questions to address to Lincoln, you should contact them at “1-888-921-0513.”
This story reminds us of the Health Share Oregon incident from last February when a thief stole a laptop from the organization’s offices and run away with the valuable data that was stored inside. Cyber-security is also about physical data protection, which is a basic element that many people often forget. While Lincoln hasn’t clarified if the disk ended up in the unknown individual’s hands in the context of a robbery, it certainly seems possible when considering the rest of the story. It is precisely why disk encryption should be a standard security practice for all companies that hold sensitive client data.
Lincoln states that the data protection and law enforcement authorities have been informed about the incident and that they are already cooperating with them in the ongoing investigation. Lincoln customers will now have their account security heightened. Finally, contracted investment companies were also directly advised to take the appropriate precautionary measures.