Stolen Server Exposes Accounting Clients' Personal Data
The unencrypted server held clients' names, addresses and Social Security numbers.
Green's Accounting in Greenfield, Calif., recently began notifying an undisclosed number of clients that their personal information may have been exposed when the firm's offices were burglarized on April 6, 2014.
The burglars broke in by smashing the office's back window with the rock, then stole the firm's network server, some monitors, and a modem.
The server held unencrypted data, including clients' names, addresses and Social Security numbers. For clients who received direct deposits of their tax refunds, it also held their banks' names, routing numbers, and bank account numbers.
"Our firm believes the equipment, which was stolen, was probably taken for the value of the hardware, rather than the information contained on it," Green's Accounting owner Brent T. Green wrote in the notification letter [PDF]. "Additionally ... the information is password protected, and it is unlikely that unauthorized persons would be unable to break through the password security system in order to access confidential data."
While no credit protection services are being offered to those affected, the notification letter advises all recipients to consider using free credit montoring services, and to place fraud alerts on their credit files.
Photo courtesy of Shutterstock.