Please ensure Javascript is enabled for purposes of website accessibility

Another Accounting Firm Has Had Its Data Breached

ridiculous hacker stock photo

Just when you think “hacker” stock photos couldn’t get any dumber. This is not a practical outfit for hacking activities, come on.

Without bothering to search our archive of 16,000+ posts published since 2009, it’s a safe guess that we’ve never written about (revenue >$5 million) of Scottsdale, Arizona. But we are today!

Spotted on JD Supra, SCP&H filed a notice of data event with the Attorney General of Montana on January 24, 2024 [PDF] that states the firm discovered “unauthorized access to the firm’s email tenant and storage site” from June 6, 2023 to July 12, 2023.

The letter they’ve sent to potentially affected individuals contains more info:

Sigrist, Cheek, Potter & Huyser, PLLC (“SCP&H”) writes to inform you of a recent cyber incident that may impact the privacy of some of your information. This notice provides you with information about the incident, our response, and steps you may take to further protect your information against identity theft and fraud, should you determine it is appropriate to do so.

What Happened? On July 11, 2023, SCP&H identified suspicious activity within an employee’s email account and a cloud-based data storage site used to store documents. In response, we immediately took steps to secure our email tenant and storage site and launched an investigation, with the assistance of third-party forensic specialists, to determine the nature and scope of the incident. The investigation determined that there was unauthorized access to our email tenant and storage site from June 6, 2023, to July 12, 2023. SCP&H undertook a thorough and comprehensive review of all data potentially impacted by this event to identify what information was contained within the data and to whom that data relates. This review concluded on January 4, 2024, and we determined that information related to you may have been impacted by this event.

What Information Was Involved? Based on the review of the data, we determined that your name and [Extra1*] were potentially accessed by an unknown, unauthorized actor as a result of this incident.
What We Are Doing. SCP&H takes this incident and the security of information within our care very seriously. Upon discovery of this incident, we immediately launched an in-depth investigation to determine the full nature and scope of this incident and moved quickly to assess the security of our email accounts and notify potentially affected individuals. As part of our ongoing commitment to the privacy of information within our care, we are working to implement additional security measures to further protect against similar incidents in the future. Additionally, we notified federal law enforcement, the IRS, and state tax authorities of this event and we will also be notifying state regulators, as required.

*Extra1 is not defined in the letter. Based on the below, it’s probably at least SSN.

They then offer to usual complimentary access to Experian credit monitoring and advise clients to “remain vigilant against incidents of identity theft and fraud for the next 12 to 24 months and to review your account statements and credit reports to detect errors or suspicious activity.” Additionally there’s this scary bit of info:

File Your Tax Return. We encourage you to file your tax return as soon as possible, if you have not already done so. You can also contact the IRS at www.irs.gov/Individuals/Identity-Protection for helpful information and guidance on steps you can take to prevent a fraudulent tax return from being filed in your name and what to do if you become the victim of such fraud. You can also visit www.irs.gov/uac/Taxpayer-Guide-to-Identity-Theft for more information.

Yikes.

A few other recent data breach cases at accounting firms:

Leave a Reply

Your email address will not be published. Required fields are marked *