Allied, a New York-based accounting firm, recently reported a data breach to the Attorney General of Vermont that involved sensitive personal identifiable information. On June 22, 2024, Allied became aware of unusual activity within its network, which prompted an immediate investigation. The investigation revealed that an unauthorized individual had potentially accessed sensitive information using an employee’s email account and tax preparation software. As a result, the company launched a review to determine the scope of the breach and identify the affected individuals.
By August 26, 2024, Allied had completed the review of the compromised data. The breach may have exposed various types of personal information, including names, Social Security numbers, dates of birth, and financial account information. While the company has not disclosed the exact number of individuals impacted, it has confirmed that the exposure of such sensitive data could lead to serious risks for those affected, such as identity theft and financial fraud.
To address the potential risks, Allied began mailing data breach notification letters to impacted individuals on October 4, 2024. In these letters, the company outlined the specific types of information that may have been compromised and offered 12 months of complimentary credit monitoring services. The firm is urging affected individuals to monitor their financial accounts for any suspicious activity and to take necessary precautions to protect their personal information.
Founded in 2009, Allied CPAs, P.C. is a privately-owned firm that offers a broad range of accounting, tax planning, and consulting services. The firm serves a variety of industries, including healthcare, retail, and technology, and has multiple locations throughout New York. Allied employs over 50 staff members and continues to strengthen its cybersecurity measures to prevent future incidents.
