LPL providing credit monitoring, identity protection to investors exposed by data breach

LPL providing credit monitoring, identity protection to investors exposed by data breach
The firm remains tight-lipped about how many investors were affected.
NOV 14, 2018

LPL Financial is taking steps to safeguard financial advisers and their clients whose names, addresses, account numbers and Social Security numbers were exposed in a recent data breach. According to LPL spokesman Jeff Mochal, the broker-dealer is still investigating the matter but is providing affected investors with free credit monitoring and identity protection services. "We have notified our financial advisors of this incident, and will communicate by mail with impacted investors to provide them more information and the steps we are taking — as well as the services we are providing — to protect them," Mr. Mochal said in an emailed statement. He did not indicate how many investors or advisers were affected by the breach. (More: Voice commands, cybersecurity take center stage at T3) In an email to brokers, LPL president and CEO Dan Arnold said the firm has implemented heightened monitoring of the affected accounts for any fraudulent activity. "Protecting your investor is our top priority, and we deeply regret this unfortunate security incident and any potential disruption it may cause to your business," Mr. Arnold said in the email. Capital Forensics Inc., a company that provides data analytics to aid firms in litigation, regulatory, compliance and fraud matters, discovered Nov. 1 that an unauthorized person gained access to a third-party file-sharing system it uses. The person was able to access data files belonging to several of Capital Forensics' clients, including LPL. According to Mr. Arnold's message to brokers, all LPL data were immediately removed upon detecting the breach, and the firm notified regulators. A company spokesperson for Capital Forensics clarified in a statement that thebreach was limited to four hours and was mitigated within six hours of occurrence. The spokesperson added that Capital Forensics is working with outside legal and forensic experts on an ongoing investigation. The company also set up a call center so investors who were affected can get additional information. Without knowing more specifics about the breach, it's tough to determine whether LPL, Capital Forensics or both companies are vulnerable to enforcement actions, said Harley Lippman, CEO of Genesis10, a firm providing internal technology services and staffing for large financial institutions. As with the recent data breach at Voya Financial Advisers, which resulted in a $1 million settlement with the Securities and Exchange Commission, the LPL breach shows how the third parties it deals with can create vulnerabilities for financial institutions. (More: SEC adds cybersecurity bite to its bark) Both the Financial Industry Regulatory Authority Inc. and the Securities and Exchange Commission declined to comment on the matter. Mr. Lippman believes firms like LPL need to do more rigorous penetration testing to identify where data can be accessed on their third-party systems. "A cybersecurity company should try to break into the system, try every which way to hack into it and see where the weaknesses are," he said. "That's basic, but not every cybersecurity company does that."

Latest News

Advisor moves: LPL welcomes $750M Osaic team, Raymond James recruits Wells Fargo duo in New York
Advisor moves: LPL welcomes $750M Osaic team, Raymond James recruits Wells Fargo duo in New York

Elsewhere in Utah, Raymond James also welcomed another experienced advisor from D.A. Davidson.

UBS loses arbitration battle in fiduciary fight over foundation funds
UBS loses arbitration battle in fiduciary fight over foundation funds

A federal appeals court says UBS can’t force arbitration in a trustee lawsuit over alleged fiduciary breaches involving millions in charitable assets.

RIA moves: NorthRock adds $800M Parkside Advisors, NFP acquires Levine Group in Tennessee
RIA moves: NorthRock adds $800M Parkside Advisors, NFP acquires Levine Group in Tennessee

NorthRock Partners' second deal of 2025 expands its Bay Area presence with a planning practice for tech professionals, entrepreneurs, and business owners.

Three easy ways to boost your firm’s impact this summer
Three easy ways to boost your firm’s impact this summer

Rather than big projects and ambitious revamps, a few small but consequential tweaks could make all the difference while still leaving time for well-deserved days off.

Hightower taps Osaic alum Scott Hadley as first chief advisory officer, expands C-suite
Hightower taps Osaic alum Scott Hadley as first chief advisory officer, expands C-suite

Hadley, whose time at Goldman included working with newly appointed CEO Larry Restieri, will lead the firm's efforts at advisor engagement, growth initiatives, and practice management support.

SPONSORED How advisors can build for high-net-worth complexity

Orion's Tom Wilson on delivering coordinated, high-touch service in a world where returns alone no longer set you apart.

SPONSORED RILAs bring stability, growth during volatile markets

Barely a decade old, registered index-linked annuities have quickly surged in popularity, thanks to their unique blend of protection and growth potential—an appealing option for investors looking to chart a steadier course through today's choppy market waters, says Myles Lambert, Brighthouse Financial.