Tomren Wealth Management notifies clients of server compromise; access to client data uncertain

Tomren Wealth Management sent out notification letters recent following a server breach that occurred between February 21 and March 6, when the intrusion was discovered.

“The  forensic examiners  found spamming software was loaded onto the machine  in a  failed attempt to send out ‘junk” spam emails,  however, we have been unable  to determine whether the unauthorized party accessed any personal  infonnation relating to you,” Michael Tomren wrote to those affected. Clients’ personal information stored on the server included names, Social Security numbers, driver’s license  information, and clients’ FSC  broker account numbers.

“At no  time was there ever any access to  your actual accounts and  holdings with  our firm,” Tomren reassured clients. “We have  reviewed the  daily transaction reports and we have  found no irregularities. We have examined and will  continue examining the measures we can take  to help prevent incidents of  this kind  in the future. For example,  we have upgraded the firewall, changed  all passwords, deleted certain  applications and  hired forensic examiners to ensure the system is and will be free  of threats.”

The San Ramon-based firm offered affected clients free credit protection for two years and reported the incident to the California Attorney General’s Office.

About the author: Dissent