Sensitive client data may have been exposed when an Ameriprise Financial advisor was snared by a phishing scam last month, the company recently reported to a state regulator in the second such incident disclosed in the past two months.
Records on the Maine attorney general's office website indicate a Jan. 5 data breach affected 305 people, including two in that state, and that Ameriprise notified the clients in a letter last week.
The letter disclosed that "your advisor was the victim of a phishing incident, which originated from an email that appeared to be legitimate communication. This incident provided an unauthorized third party with the potential to access or transmit certain client information for a temporary period of time. While we have not identified evidence that your personal information was actually accessed or transmitted, we are providing this notice as a precautionary measure."
The information potentially involved includes each client's name, address, phone number, email address, birth date, Social Security number, driver's license number, gender, marital status, dependents, citizenship, income, net worth, account and policy numbers and account values, the letter says.
Ameriprise said it has implemented additional safeguards, including enhanced verification procedures for callers and confirmation of signatures on written account requests. The company also is offering free credit monitoring for 12 months.
In early January, Ameriprise notified the Maine AG's office that 598 people, including 52 in that state, were potentially exposed in a Dec. 4 breach, which involved a phishing email. The company notified affected clients in a letter dated Dec. 30.
"We have an unwavering commitment to protecting our clients' data and information, with multiple layers of security technology to protect both financial and personal information. This commitment is reinforced by our online security guarantee that protects against the unauthorized transfer of funds," Ameriprise Financial told ThinkAdvisor in a statement emailed Friday.
"Regarding these two separate and isolated incidents, we acted swiftly to contain them and notified impacted clients. Importantly, there was no disruption in service, and we have seen no evidence that client information was improperly used," the company said..
Image: Adobe Stock
© Touchpoint Markets, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.