[BreachExchange] Redtail CRM data breach exposes personal client data

Destry Winant destry at riskbasedsecurity.com
Wed May 22 10:04:44 EDT 2019


https://www.investmentnews.com/article/20190521/FREE/190529989/redtail-crm-data-breach-exposes-personal-client-data

A data breach may have exposed personal client information that
advisers store on Redtail Technology's client relationship management
software, according to an email the fintech firm is sending to
affected advisers.

The email, obtained by InvestmentNews, says the firm discovered on
March 4 that its logging systems inadvertently captured a "small
subset of the sensitive investor data" advisers keep on the CRM. The
data were stored in a file that anyone on the internet could access.

Investor information in the file includes first and last names,
physical addresses, dates of birth and Social Security numbers.

Redtail said in the email that it removed access to the file and
launched an investigation as soon as it learned about the exposed
data. But it said that remediation has been delayed because of the
nature of the data, the format in which it was maintained and the time
it takes to consolidate and correlate with Redtail's databases.

Redtail had to build specific applications to determine which clients'
data was exposed. The company is emailing affected investors and
offering free access to LifeLock Defender Preferred, a credit and
identity theft monitoring and remediation product from Symantec.

"Less than 1% of Redtail clients were affected by this data exposure,"
Redtail CEO Brian McLaughlin said in an emailed statement. "We are
taking this matter very seriously and are doubling down on our efforts
to ensure that our customers' data is safe and secure."

Mr. McLaughlin also clarified there was no intentional break-in of
Redtail's systems by a third-party. "It was a temporary exposure which
Redtail uncovered and corrected," he said.

Redtail is one of the most popular CRMs among financial advisers.
According to Technology Tools for Today's 2019 Software Survey,
Redtail commands a 57% market share.


More information about the BreachExchange mailing list