The company reportedly hired a testing company last September to assess its IT security and the firm's hackers did not find any holes.

Thomas Claburn, Editor at Large, Enterprise Mobility

January 30, 2008

2 Min Read

Davidson Companies said on Wednesday that a database containing personal information of 226,000 current and past clients, including names and social security numbers, appears to have been illegally accessed "by a third party through a sophisticated network intrusion."

"Despite our efforts to safeguard client information, a computer hacker using sophisticated techniques illegally accessed a database and obtained access to confidential client information," said William A. Johnstone, Davidson Companies president and CEO, in a statement. "All of us at Davidson are acutely aware of the uncertainty, stress and inconvenience associated with the potential compromise of personal information. We are fully committed to helping our clients deal with this unfortunate event as quickly as possible and are adopting measures to further enhance our network security."

The company reportedly hired a penetration testing company last September to assess its IT security and the firm's hackers did not find any holes.

Company spokesperson Jacquie Burchard declined to provide further details. "With the investigation ongoing, it would be inappropriate to delve into the technical aspects of the security breach," she said in an e-mail. "We are in the process of notifying our clients and assisting them through the process of identity theft prevention. That is our key concern at this time."

The company said in a statement that it has found no evidence that those who hacked its systems have been able to affect or alter client data. It nonetheless is urging clients to be on guard against identity theft fraud that could arise as a result of the data breach. To assist those affected, the company plans to pay for a year of credit monitoring service.

Davidson Companies is a financial services holding company based in Montana. It includes D.A. Davidson & Co., an investment firm; Davidson Investment Advisors, a money management firm; Davidson Trust Co., a wealth management and trust company; Davidson Fixed Income Management, an investment and money management services firm; and Davidson Travel, a travel agency.

Attrition.org, a Web site that tracks data breaches, lists 28 incidents that have been reported since the beginning of 2008. Privacy Rights Clearinghouse, which also tracks such incidents, lists 25 data breaches to date this year.

About the Author(s)

Thomas Claburn

Editor at Large, Enterprise Mobility

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful master's degree in film production. He wrote the original treatment for 3DO's Killing Time, a short story that appeared in On Spec, and the screenplay for an independent film called The Hanged Man, which he would later direct. He's the author of a science fiction novel, Reflecting Fires, and a sadly neglected blog, Lot 49. His iPhone game, Blocfall, is available through the iTunes App Store. His wife is a talented jazz singer; he does not sing, which is for the best.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights