A computer hacker broke into a Davidson Companies database and obtained the names and Social Security numbers of virtually all of the Great Falls financial services company's clients.
The database included information such as account numbers and balances, said Jacquie Burchard, spokeswoman for Davidson Companies. However, the hacker didn't get access to the accounts.
"People's accounts at Davidson are fine," Burchard said. "Their assets are fine." The risk is that the hacker could use the names and Social Security numbers to commit fraud or identity theft.
The computer hacker accessed information on 226,000 current and former clients, Burchard said.
The company's biggest immediate concern is to take care of its clients, said Bill Johnstone, president and chief executive officer of Davidson Companies.
Davidson Companies is sending out letters to all the affected clients recommending that they:
# Immediately report any unauthorized activity in their Davidson accounts to their financial consultants;
# Contact credit and bank card issuers to review recent charges and account transactions. Should unauthorized charges appear, clients should contact card issuers immediately to request that the current accounts be closed and new cards issued;
# Consider placing fraud alerts on their credit files by contacting one of the three principal credit reporting bureaus (Equifax, Experian and TransUnion);
# Review the identity theft materials posted on the Federal Trade Commission's Web site, www.consumer.gov/idtheft, including the FTC'S booklet, "Take Charge: Fighting Back Against Identity Theft."
Davidson Companies is offering a one-year enrollment to a credit monitoring service at the company's expense for clients whose information was accessed, Johnstone said.
The financial services company is temporarily opening call centers and extending branch hours to help answer clients' questions.
Current clients should call 800-909-6485.
Former clients should call 800-736-6153.
The Great Falls office of D.A. Davidson & Co. will be open for extended hours this week as follows:7 a.m. to 7 p.m. through Friday and 9 a.m. to 4 p.m. Saturday
The computer break-in occurred earlier this month, Burchard said. Authorities investigating the crime asked the company to keep the news extremely confidential during the early stages of the investigation.
Employees were notified of the hacker's attack on Tuesday.
The hacker also accessed employee names and employee identification numbers, which essentially mean nothing, Burchard said.
"It doesn't expose employees at any level," she said.
This was a "very, very sophisticated hacker," Burchard said. "We don't know where this person is; we don't know who this person is."
Davidson Companies has many procedures and policies in place to protect client information, Johnstone added.
In September, the company hired an outside firm to test to see if it could hack into the company's computer system, he said. The firm wasn't able to.
"Obviously, we're enhancing our IT (Information Technology) security systems," Burchard said.
Law enforcement agencies note that because people are constantly finding new ways to hack into systems, it's an ongoing problem, she said.
As of Tuesday, there were already been 24 reported cases of major identity theft with various companies nationwide in 2008, Burchard said.
"It's endless."