An Ameriprise Financial advisor fell victim to a phishing scam last month, potentially exposing clients' personal data, a state regulator reported.
The Maine attorney general's office indicates that 598 people, including 52 in that state, were potentially exposed in the Dec. 4 breach, which involved a phishing email — a scam that used legitimate-looking messages to trick recipients into revealing sensitive information.
"On December 4th, your advisor was the victim of a phishing incident," reads an Ameriprise letter to clients, posted on the Maine AG's website. "The individual received an email that appeared to be a legitimate communication from a client. This incident provided a bad actor with the potential to access and/or transmit certain client information for a temporary period of time.
"While we have not identified evidence that your personal information was actually accessed or transmitted, we are providing this notice as a precautionary measure," the letter states. "Our information security team promptly detected and contained the incident. We immediately initiated a thorough investigation that allowed us to identify the clients who may have been affected and the scope of the information that could have been compromised."
The breach potentially exposed client names, addresses, phone numbers, email addresses, birth dates, Social Security numbers, driver’s license numbers, net worth, dependents, account numbers and values, medical data and other personal information.
Ameriprise said it has implemented additional safeguards, including verification procedures for callers, and signature confirmations. The company is offering affected clients free credit monitoring.
Ameriprise representatives didn't immediately respond to an email seeking comment Monday.
© Touchpoint Markets, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.