MED Tax, a family-owned accounting firm based in Wilmington, Delaware, reported a data breach to the Attorney General of Maine following suspicious activity detected on June 18, 2024. Upon discovering the activity, the firm immediately launched an investigation to understand the scope of the incident. The investigation revealed that an unauthorized individual may have gained access to sensitive personal information within the firm’s systems. As a result, MED Tax took steps to assess the extent of the breach and identify the individuals affected.
MED Tax’s review of the incident, completed on July 30, 2024, indicated that various types of personal information may have been compromised, although the exact details of the exposed data were not publicly disclosed. According to state reporting guidelines, “personal information” in this context could include sensitive data such as names, Social Security numbers, driver’s license or state identification card numbers, credit or debit card numbers, account passwords, and personal identification numbers. MED Tax carefully reviewed its systems to determine which information had been impacted and began identifying the individuals affected by the breach.
On September 20, 2024, MED Tax began mailing data breach notification letters to those individuals whose information may have been exposed. These letters outlined the types of sensitive information that may have been compromised, in accordance with state requirements. As part of their response to the breach, MED Tax offered affected individuals complimentary credit monitoring services to help protect them from potential identity theft or other negative consequences arising from the exposure of their personal data.
Founded over 35 years ago, MED Tax offers a wide range of tax and accounting services to both individuals and businesses. These services include tax return preparation, estate and trust tax services, tax planning, bookkeeping, payroll processing, and QuickBooks consulting. As a trusted local firm, MED Tax is committed to maintaining the security and privacy of its clients’ personal information and has taken steps to improve its security measures in response to the breach.
Reference:
