Minnesota Company Reports Data Breach Affecting 226,000 Clients

February 6, 2008 - Despite the company efforts to secure their stored data and hiring an IT security company to assess and secure any found risks and vulnerabilities, the Davidson Companies reported this week that a database containing personal information of 226,000 current and past clients, including names and social security numbers, appears to have been hacked "by a third party through a sophisticated network intrusion."

"Despite our efforts to safeguard client information, a computer hacker using sophisticated techniques illegally accessed a database and obtained access to confidential client information," said William A. Johnstone, Davidson Companies president and CEO, in a statement. "All of us at Davidson are acutely aware of the uncertainty, stress and inconvenience associated with the potential compromise of personal information. We are fully committed to helping our clients deal with this unfortunate event as quickly as possible and are adopting measures to further enhance our network security."

Davidson Companies is a financial services holding company based in Montana. It includes D.A. Davidson & Co., an investment firm; Davidson Investment Advisors, a money management firm; Davidson Trust Co., a wealth management and trust company; Davidson Fixed Income Management, an investment and money management services firm; and Davidson Travel, a travel agency.

Company spokesperson Jacquie Burchard claims "We are in the process of notifying our clients and assisting them through the process of identity theft prevention. That is our key concern at this time." To assist those affected, the company plans to pay for a year of credit monitoring service.

A free credit monitoring service seems to be the common solution offered by many companies who have suffered at the hands of data thieves or hackers. Sounds good -but is it?

Doesn't that sound a bit like closing the window after a storm strikes?

Too many people have a false sense of security when it comes to credit monitoring services. In reality, creditors don't report activity to the bureaus on a daily basis -nor do the credit bureaus update credit reports on a daily basis. Additionally, credit monitoring can't detect and then alert you if someone is obtaining medical services, employment, housing or committing crimes in your name. And more importantly, most credit monitoring services do not include restoration services or include reimbursement for any loss of time or money incurred.

If more creditors, businesses and universities offered identity theft prevention and restoration services before any data was compromised, wouldn't it significantly reduce the exposure, expense and damage caused to all affected by a breach? Offering credit monitoring services after the breach occurs just isn't enough...it's simply a little too little... and a little too late.

by Denise Richardson

Note: When posting a comment, please sign-in first if you want a response. If you are not registered, click here. Registration is easy and free.

Only registered users can write comments.
Please login or register.