LPL Financial Takes Action to Help Protect Investors’ Accounts Following Vendor Data Security Incident

LPL Financial notified certain investors this week about a data security incident at one of its service providers that involved some of their personal information. An unauthorized person gained access to data files on a third-party system used by Capital Forensics, Inc. (CFI), which provides data analysis and other services to financial sector clients such as LPL in support of regulatory matters. The files included names, addresses, Social Security numbers, and account numbers of certain LPL investors.

Upon notification of the incident, LPL asked Capital Forensics to remove all LPL data from its systems. Once we determined what information was involved, we began working to notify our advisors and their clients.

Incident Response Mitigation

Upon learning of the incident, LPL promptly took actions to contain and remediate the incident, including implementing heightened monitoring on the LPL accounts involved. Affected accounts are already flagged within LPL’s systems, so we can apply additional scrutiny. Additional measures have been deployed but can’t be disclosed as doing so would undermine their effectiveness.

Law enforcement has also been notified of the incident, and LPL is working with Capital Forensics to assist in the investigation of this issue.

In addition, LPL is providing affected investors with credit monitoring and identity theft protection services from AllClear ID (https://www.allclearid.com/) at no cost to the investors. An informational flyer that summarizes the services can be found here. More details, along with an activation code for enrolling in the credit monitoring service, will be available to investors in a mailing beginning the week of November 19. A dedicated call center will also be live for investors with questions.

Next Steps

LPL will continue to review our protocols for protecting our clients’ personal information. We’re committed to learning from security incidents and further strengthening our controls and security measures to continue to earn the trust of our stakeholders.

LPL investors who have questions regarding the CFI data security incident can call the dedicated call center at (855) 683-1166.

About LPL Financial

LPL Financial (Nasdaq: LPLA) was founded on the principle that the firm should work for the advisor, and not the other way around. Today, LPL is a leader* in the markets we serve, supporting more than 18,000 financial advisors, 800 institution-based investment programs and 450 independent RIA firms nationwide. We are steadfast in our commitment to the advisor-centered model and the belief that Americans deserve access to personalized guidance from a financial advisor. At LPL, independence means that advisors have the freedom they deserve to choose the business model, services, and technology resources that allow them to run their perfect practice. And they have the freedom to manage their client relationships, because they know their clients best. Simply put, we take care of our advisors, so they can take care of their clients.

*Top RIA custodian (Cerulli Associates, 2019 U.S. RIA Marketplace Report); No. 1 Independent Broker-Dealer in the U.S (Based on total revenues, Financial Planning magazine June 1996-2020); No. 1 provider of third-party brokerage services to banks and credit unions (2020-2021 Kehrer Bielan Research & Consulting Annual TPM Report)