[BreachExchange] US Accounting Firm Moss Adams Discloses Data Breach

Destry Winant destry at riskbasedsecurity.com
Tue Dec 31 10:07:39 EST 2019


One of the largest public accounting firms in the United States, Moss
Adams, has suffered a data breach. The firm suffered the security
breach that potentially exposed the names and Social Security Numbers
of the customers.

Moss Adams Suffered Data Breach

 Reportedly, the US-based accounting and wealth management firm Moss
Adams has fallen prey to a cybersecurity incident. Following the
incident, Moss Adams suspects data breach that potentially exposed
data to attackers.

The firm disclosed the details of the incident in a statement shared
on the website of the California Attorney General. As revealed, the
firm noticed some unusual activity with one of their employee’s email
account in October 2019.

Investigating the matter revealed that the email account had some
personal information of the customers or employees. Thus, they suspect
that attackers might have accessed this data.

"Our investigation subsequently determined that the impacted Moss
Adams email account was accessed by an unauthorized third party and
this account contained some of your personal information, although we
do not know if your personal information in the email account was
actually accessed by the third party."

 Moss Adams did not explicitly mention if the exposed information
belonged to customers, the employees, or both. Moreover, they have
also not stated a specific number of affected individuals.

Security Measures Underway

Following the incident, the company immediately took steps to contain
the attack.  Furthermore, they also assured that the incident did not
affect any information systems.

 Out of caution, the company is offering free credit monitoring
services for one year to the affectees.

"Out of an abundance of caution, we are offering you a one-year
membership to TransUnion Interactive’s myTrueIdentity credit
monitoring and identity restoration service at no cost to you."

 Meanwhile, they continue with their investigations regarding the incident.

In October, an Italian financial service UniCredit also revealed a
data breach that affected the firm in 2015. The incident potentially
impacted 3 million customers. Let us know your thoughts in the

More information about the BreachExchange mailing list