Posted On August 2, 2022 Consumer Privacy & Data Breaches
August 2, 2022 – On July 27, 2022, the accounting firm of Gatto, Pope & Walrick, LLP reported a data breach after clients reported problems with tax returns filed by the firm. Based on an official filing from the company, the incident resulted in an unauthorized party gaining access to the following data types: names, addresses, Social Security numbers, government-issued identification numbers, and financial account information. Subsequently, GPW began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.
If you received a data breach notification, it is essential you understand what is at risk. The data breach lawyers at Console & Associates, P.C. are actively investigating the GPW data breach on behalf of people whose information was exposed. As a part of this investigation, we are providing free consultations to anyone affected by the breach who is interested in learning more about the risks of identity theft, what they can do to protect themselves, and what their legal options may be to obtain compensation from Gatto, Pope & Walrick, LLP.
According to an official notice filed by the company, in April 2022, GPW began receiving reports from clients that the IRS was contacting them, asking the clients to verify their identity. GPW also noticed that the IRS was rejecting an unusually high number of the tax returns it had filed on behalf of its clients. In response to these concerns, GPW took the necessary steps to secure its systems and launched an investigation into what could have caused these issues.
The GPW investigation is still ongoing. However, the company was able to determine that an unauthorized person was able to access at least one employee’s email account, which they used to access or acquire files between March 17, 2022 and May 8, 2022.
Upon discovering that sensitive consumer data may have been accessible to an unauthorized party, Gatto, Pope & Walrick reviewed all affected files to determine what information was compromised and which clients were impacted. While the breached information varies depending on the individual, it may include your name, address, Social Security number, government-issued identification number, and financial account information.
On July 27, 2022, Gatto, Pope & Walrick sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
Gatto, Pope & Walrick, LLP is a Certified Public Accountant firm based in San Diego, California. GPW focuses on providing tax and business consulting services to high-net-worth individuals and businesses. Gatto, Pope & Walrick prepares tax returns, offers tax advice, and also works with those who are in the process of being audited. Gatto, Pope & Walrick employs more than 46 people and generates approximately $8 million in annual revenue.
At Console & Associates, P.C., our consumer privacy lawyers monitor all security and data breaches to help affected consumers pursue their legal remedies. We offer free consultations to victims of data breaches and can explain your rights in clear, understandable terms so you can make an informed decision about how to proceed with your case. If you’ve been affected by the GPW data breach or any other data security incident, Console & Associates, P.C., will investigate your case at no charge and offer you thorough advice about how to most effectively proceed with your case. If you decide to bring a case, we only get paid if you do. If your claim is successful, any legal fees are either paid by the defendant or come out of the funds recovered from the defendant. If your claim doesn’t result in a recovery, you will pay nothing.
Below is a copy of the initial data breach letter issued by Gatto, Pope & Walrick, LLP (the actual notice sent to consumers can be found here):
Gatto, Pope & Walwick, LLP (“GPW”) writes to inform you of a recent incident that may impact the privacy of some of your information. GPW takes this incident very seriously and the confidentiality, privacy, and security of information in GPW’s care is one of our highest priorities. We are writing to provide you with an overview of the incident, our response, and resources available to help protect your information, should you feel it appropriate to do so.
Beginning in about April of 2022, GPW began receiving reports of clients receiving letters from tax authorities seeking to verify the clients’ identities. Additionally, GPW observed an unusually high volume of rejections on client tax returns. Out of an abundance of caution, GPW took steps to secure its environment and launched an investigation to determine the potential cause of this activity. While the investigation is ongoing, it was recently determined that an unknown actor accessed the work-related accounts of a GPW employee. Using this access, the unknown actor accessed and/or acquired certain files from GPW systems between March 17, 2022 and May 8, 2022. GPW immediately commenced a review of relevant files to determine what information may have been impacted.
What Information Was Involved?
While the investigation is ongoing, we are notifying you out of an abundance of caution as the review of relevant files determined that your information may be impacted. The information related to you includes your name, address, Social Security number, government issued identification number, and financial account information.
What We Are Doing.
GPW takes this incident and the security of information in our care very seriously. While the investigation remains ongoing, the investigation and response performed to date includes reviewing the contents of relevant files and notifying potentially impacted individuals, as they are identified. As part of our ongoing commitment to information security, we are also assessing and validating the security of our systems and reviewing our technical safeguards, policies, procedures, and employee training program to reduce the likelihood of similar events from occurring in the future. We also notified federal law enforcement of this incident, and we are reporting this incident to applicable regulatory agencies, as required.
As an added precaution, GPW is offering you [Redacted] months of credit monitoring through Experian at no cost to you. Enrollment instructions can be found in the enclosed Steps You Can Take to Help Protect Personal Information. Please note, you must enroll in the complimentary credit monitoring yourself as GPW is unable to do so on your behalf.
What You Can Do.
We encourage you to remain vigilant against instances of identity theft and fraud by reviewing your account statements and monitoring your free credit reports for suspicious activity and to detect errors. Additionally, we encourage you to obtain an IRS Identity Protection (“IP”) PIN to further reduce the likelihood of tax fraud. Please review the enclosed Steps You Can Take to Help Protect Personal Information, which includes information on obtaining an IP PIN and additional information on what you can do to better protect your personal information against misuse, should you feel it appropriate to do so. GPW also encourages you to enroll in the complimentary credit monitoring we are offering.
For More Information.
GPW understands you may have questions about this incident that are not addressed in this letter. If you have additional questions, please contact our dedicated assistance line at (833) 475-1813, toll free Monday through Friday from 8 am – 10 pm Central, or Saturday and Sunday from 10 am – 7 pm Central excluding major US holidays. Be prepared to provide engagement number [Redacted] # as proof of eligibility for the Identity Restoration services by Experian. You may also write to GPW at 3131 Camino Del Rio North, Suite 1200, San Diego, California 92108.
We sincerely apologize for any inconvenience this incident may cause.