Cyber Incident Victim: Capital Forensics, Inc.

On November 1, 2018, an unauthorized individual gained access to a third-party file-sharing system used by Capital Forensics, Inc. (CFI), a vendor providing document production and data analysis services to financial firms including LPL Financial. The intrusion occurred through CFI’s customer-facing file-sharing platform, exposing data files containing sensitive investor information. Compromised records included personally identifiable information such as investor names, addresses, Social Security numbers, and financial account numbers. CFI detected the breach four hours after it began and contained the incident within six hours of its initiation. The vendor subsequently notified all affected clients, though the total number of impacted individuals or organizations beyond LPL Financial was not disclosed in available reports. CFI initiated a thorough investigation into the breach and implemented undisclosed measures to enhance client protections.

LPL Financial confirmed the exposure of investor data through CFI’s compromised system in a November 9, 2018 notification to its advisors. The breach prompted LPL to implement heightened monitoring of affected investor accounts to detect potential fraudulent activity. The firm collaborated with CFI to provide complimentary credit monitoring and identity protection services to impacted individuals. Notification letters were mailed directly to affected investors detailing the incident and remediation offerings. CFI issued a prepared statement acknowledging the breach and its collaboration with clients on remediation efforts but did not publicly disclose the intrusion’s root cause, exact data scope, or whether ransomware or extortion demands were involved. No evidence of data misuse was reported at the time of disclosure.