$100 Million awarded Since 1994 6,000 Satisfied Clients

Posted On January 28, 2022 Consumer Privacy & Data Breaches

Data Breach Alert: Index Fund Advisors, Inc.

NOTICE: If you received a NOTICE OF DATA BREACH letter from Index Fund Advisors, Inc., contact the attorneys at Console & Associates at (866) 778-5500 to discuss your legal options, or submit a confidential Case Evaluation form here.


Data Breach AlertJanuary 28, 2022 – Recently, Index Fund Advisors, Inc. announced that the personal and financial information of approximately 10,968 individuals was compromised in a data breach. Our data breach attorneys are investigating this cybersecurity incident to determine if consumers could have the grounds for a data breach class action lawsuit. 

What to Know About the Index Fund Advisors, Inc. Data Breach

The company recently reported that, on August 5, 2021, an unauthorized party gained access to certain files on its servers. A subsequent investigation revealed that the files may have contained the following information of:

  • Names or other personal identifiers
  • Financial account numbers
  • Debit card numbers or credit card numbers
  • Security codes, access codes, passwords, or PINs

According to reports, Index Fund Advisors, Inc. does not know which individuals’ information was actually accessed and cannot confirm that the unauthorized party retained any of the information.

However, anyone in receipt of an Index Fund Advisors, Inc. data breach notification letter may now face an increased risk of identity theft and other financial losses. Attorneys are now investigating this recent cybersecurity incident to determine whether the company took the necessary steps to keep your data secure and whether those impacted by the breach can pursue a data breach class action lawsuit.

What Is a Data Breach?

A data breach occurs when a hacker or other unauthorized party secretly gains access to sensitive consumer information stored on a company’s servers through some kind of cyberattack. Once a hacker obtains consumer data, they may use the information to commit identity theft or for other criminal purposes. Sometimes hackers will sell the data they obtain through a cyberattack to the highest bidder.

No one can tell with certainty why a hacker targeted your data in a data breach or what they plan to do with it, but the fact that your sensitive information is in the hands of an unauthorized party puts you at a greater risk of identity theft.

As consumers, we all provide personal data to companies for a variety of reasons. We trust these companies to protect our private data and keep this information secure. Unfortunately, data breaches happen frequently.

Attorneys are investigating data events like this security breach to determine the legal rights of consumers who trusted corporations with their sensitive information. Often, hackers target companies that rely on outdated or otherwise inadequate data-security measures. If it is determined that Index Fund Advisors, Inc. did, in fact, fail to properly protect consumers’ data in some way, the individuals affected may be eligible to pursue compensation for their financial losses.

What Can You Do After a Data Breach?

If you received a data breach letter from the company that experienced a security incident, it means that an unauthorized person—likely a criminal—may have accessed, viewed, and retained your personal information. While the company cannot know why the third party sought out your information and what they plan to do with it, the situation justifies a certain level of precaution on your part.

Below are a few ways to protect yourself from identity theft and the other possible financial risks that can stem from a data breach:

  1. Carefully read the data breach letter to determine what information of yours was accessible;
  2. Make a copy of the letter for your records;
  3. Enroll in the free credit monitoring service provided to you (you will need information contained in the data breach letter to do this);
  4. Change all your passwords and security questions for any online accounts;
  5. Enable two-factor authentication, where it is available;
  6. Regularly review your credit card and bank account statements for any signs of suspicious activity;
  7. Monitor your credit report for any unexpected changes that may be a sign of identity theft;
  8. Contact one of the major credit bureaus to request they add a fraud alert to your profile; and
  9. Notify your banks and credit card companies of the data breach.

To protect and preserve their legal rights, it is highly recommended that individuals who received notice that their data may have been compromised immediately reach out to an experienced data breach attorney.

Data Breach Lawyers Are Investigating This Security Incident and the Potential for a Data Breach Class Action

Companies have an ethical and legal duty to protect consumers’ personal and financial information. While developing and implementing a comprehensive and up-to-date data-security system is costly, this is a necessary cost of doing business in an environment where cyberattacks and data breaches are common.

Data breach laws are complex, and just because your information may have been accessed while in Index Fund Advisors, Inc.’s care doesn’t necessarily make this company legally responsible. However, if a company fails to take appropriate actions to protect consumers’ sensitive information, it may face liability through a data breach class action lawsuit.

If you received a data breach notification letter, it is important that you not only protect yourself from possible fraud but also preserve your legal rights by speaking to a data breach attorney. Consumer privacy lawyers are undertaking investigations in legal matters involving all types of data breaches, ransomware attacks, and cyberattacks on a no-win, no-fee basis.

Find a copy of the data breach letter here.



Index Fund Advisors Incorporated (“IFA”) is writing to inform you of a recent event that may affect the security of some of your information. While, to date, we have no indication that your information has been misused, we are making you aware of the event so you may take steps to better protect your information, should you feel it appropriate to do so.

What Happened? On or about August 5, 2021, IFA’s internal IT Department detected possible unauthorized access to certain IFA systems. The IT Department immediately began an investigation to determine the nature and scope of the activity and enlisted a third-party forensic investigation firm to assist with the investigation. The investigation determined that an unauthorized actor potentially accessed certain files within IFA’s system on August 5, 2021. A subsequent review identified on November 30, 2021 that these files may contain personal information.

What Information Was Involved? Our review determined the following information related to you may have been accessible within the files at issue: [certain data elements]. We note, we are unaware of any actual or attempted misuse of any information and providing you this notification out of an abundance of caution.

What We Are Doing. The confidentiality, privacy, and security of information in our care is one of our highest priorities. Upon learning of the potential unauthorized access, we immediately commenced an investigation to confirm the nature and scope of the event and took steps to secure our systems. While we have security measures in place to protect information in our care, we are implementing additional safeguards to further protect the security of information in our systems.

As an added precaution, we are also providing you with 12 months of complimentary access to credit monitoring and identity restoration services through Experian, as well as guidance on how to better protect your information, should you feel it is appropriate to do so. Although we are covering the cost of these services, due to privacy restrictions, you will need to complete the activation process yourself using the enrollment instructions below.

What You Can Do. We encourage you to remain vigilant against incidents of identity theft and fraud by reviewing your account statements and monitoring your free credit reports for suspicious activity and to detect errors. You can find out more about how to better protect against the potential misuse of information in the enclosed Steps You Can Take to Protect Information. There, you will also find more information about the credit monitoring services we are offering and how to enroll.

NOTICE: If you received a NOTICE OF DATA BREACH letter from Index Fund Advisors, Inc., contact the attorneys at Console & Associates at (866) 778-5500 to discuss your legal options, or submit a confidential Case Evaluation form here.