Cyber Incident Victim: LPL Financial

On November 1, 2018, an unauthorized individual gained access to a third-party file-sharing system used by Capital Forensics, Inc. (CFI), a vendor providing document production and data analysis services to LPL Financial. The intrusion was detected by CFI four hours after it began, with containment measures completed within six hours of initial discovery. The compromised system contained files with personally identifiable information of investors associated with CFI's clients, including LPL Financial. Exposed data included investor names, addresses, Social Security numbers, and account numbers. CFI confirmed the breach affected multiple clients but not all clients served by the vendor. The specific method of unauthorized access and total number of affected individuals were not disclosed in available reports.

LPL Financial notified its financial advisors about the incident on November 9, 2018, confirming their limited use of CFI's services and the exposure of investor data through the vendor's system. The firm implemented heightened monitoring of affected investor accounts to detect potential fraudulent activity and coordinated with CFI to provide complimentary credit monitoring and identity protection services to impacted individuals. Notification letters were mailed directly to affected investors. CFI stated it had notified all affected clients and was conducting a thorough investigation while taking steps to enhance security protections for its client base. No information regarding potential extortion or ransom demands was confirmed in available reporting, and CFI did not respond to specific media inquiries about the attack vector or scope of data exposure.