California-based Tomren Wealth Management has acknowledged that its server was breached between February 21 and March 6 of this year.
The notification letter sent by the company to the affected clients states that while forensic investigators found that spamming software had been loaded onto the server, it’s unclear whether the attacker also accessed any clients’ personal information.
Go deeper with GlobalData
Access deeper industry intelligence
Experience unmatched clarity with a single platform that combines unique data, AI, and human expertise.
"The forensic examiners found spamming software was loaded onto the machine in a failed attempt to send out ‘junk" spam emails, however, we have been unable to determine whether the unauthorized party accessed any personal information relating to you," Michael Tomren wrote to those affected.
Clients’ personal information stored on the server included names, Social Security numbers, driver’s license information, and clients’ FSC broker account numbers.
"At no time was there ever any access to your actual accounts and holdings with our firm," Tomren wrote. "We have reviewed the daily transaction reports and we have found no irregularities."
Tomren added that the company has upgraded its firewall, changed all passwords, deleted some applications, and hired forensic examiners.
US Tariffs are shifting - will you react or anticipate?
Don’t let policy changes catch you off guard. Stay proactive with real-time data and expert analysis.
By GlobalDataThe company said that it will provide all affected clients with two years of free identity protection services from AllClear ID.
