Posted On August 3, 2022 Consumer Privacy & Data Breaches
August 3, 2022 – On July 29, 2022, RetireOne, Inc., a platform for fee-based insurance solutions developed and maintained by Aria Retirement Solutions, Inc., reported a data breach stemming from an incident involving an employee’s email address. Based on an official filing from the company, the incident resulted in an unauthorized party gaining access to the following data types: names, Social Security numbers, driver’s license numbers, dates of birth and financial account information, such as credit, debit, and bank account numbers. Aria also began sending out data breach notification letters to all individuals who were impacted by the recent incident.
If you received a data breach notification, it is essential you understand what is at risk. The data breach lawyers at Console & Associates, P.C. are actively investigating the Aria data breach on behalf of people whose information was exposed. As a part of this investigation, we are providing free consultations to anyone affected by the breach who is interested in learning more about the risks of identity theft, what they can do to protect themselves, and what their legal options may be to obtain compensation from RetireOne, Inc.
According to an official notice filed by the company, On around September 1, 2021, Aria detected suspicious activity on one of its employee’s email accounts. In response, the company launched an investigation to learn more about what was going on. On September 20, 2021, the company learned that an unauthorized party had gained access to the employee’s email account. Aria was unable to determine which, if any, of the emails the unauthorized party accessed. However, the company confirmed that there were emails and attachments in the account containing sensitive consumer data.
Upon discovering that sensitive consumer data was accessible to an unauthorized party, Aria Retirement Solutions then reviewed the affected files to determine exactly what information was compromised. While the breached information varies depending on the individual, it may include your name, Social Security number, driver’s license number, date of birth and financial account information.
On July 29, 2022, Aria Retirement Solutions sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
Aria Retirement Solutions, Inc. is a financial services company based in San Francisco, California. The company creates and markets a range of products to registered investment advisors. Aria also created and maintains RetireOne, which is a platform for fee-based insurance solutions. Aria Retirement Solutions employs more than 25 people and generates approximately $5 million in annual revenue.
At Console & Associates, P.C., our consumer privacy lawyers monitor all security and data breaches to help affected consumers pursue their legal remedies. We offer free consultations to victims of data breaches and can explain your rights in clear, understandable terms so you can make an informed decision about how to proceed with your case. If you’ve been affected by the Aria data breach or any other data security incident, Console & Associates, P.C., will investigate your case at no charge and offer you thorough advice about how to most effectively proceed with your case. If you decide to bring a case, we only get paid if you do. If your claim is successful, any legal fees are either paid by the defendant or come out of the funds recovered from the defendant. If your claim doesn’t result in a recovery, you will pay nothing.
To schedule your free consultation, just call (866) 778-5500 today or fill out our secure contact form.
Below is a copy of the initial data breach letter issued by RetireOne, Inc. (the actual notice sent to consumers can be found here):
Dear [Redacted],
Aria Retirement Solutions, Inc. (“Aria”) is sending you this letter to inform you of an incident that may affect the security of some of your personal information. This notice provides information about the incident, our response, and resources available to you to help protect your information from possible misuse, should you feel it necessary to do so.
What Happened? On or about September 1, 2021, Aria became aware of unusual activity related to an employee’s email account. Aria immediately commenced an investigation to better understand the nature and scope of this activity. On September 20, 2021, it was determined that the employee email account was accessed without authorization between April 26, 2021 and September 1, 2021. The investigation was not able to determine whether any specific emails in the account were accessed or viewed. In an abundance of caution, a programmatic and manual review of the contents of the email account was completed to determine whether sensitive information was present in the emails at the time of the incident. This process was completed on November 4, 2021. Through this process, we determined that certain personal information was accessible, although not necessarily actually accessed or viewed by unauthorized individuals, within the account at the time of this incident.
What Information Was Involved? It cannot be confirmed whether information related to you was actually accessed or viewed during this incident. However, Aria is notifying you out of an abundance of caution. The information related to you that was accessible within the email account includes your name and [Redacted].
What We Are Doing. We take this incident and the security of personal information in our care seriously. Upon learning of this incident, we moved quickly to investigate, respond, and assess the security of relevant systems. Our response included resetting the password of the affected account and performing a review of our entire email system. As part of our ongoing commitment to the security of information we are also reviewing existing policies and procedures to ensure against a similar future incident.
We are also offering you access to complimentary credit monitoring and identity restoration services for [Redacted] through Equifax. These services include credit monitoring, access to an Equifax credit report, WebScan notifications, automatic fraud alerts, identity restoration services, and identity theft insurance. If you wish to activate the credit monitoring and identity restoration services, you may follow the instructions included in the Steps You Can Take to Help Protect Personal Information.
What You Can Do. We encourage you to remain vigilant against incidents of identity theft and fraud by reviewing your account statements and monitoring your free credit reports for suspicious activity and to detect errors. You may also review the information contained in the attached Steps You Can Take to Help Protect Personal Information. There you will also find more information on the credit monitoring and identity restoration services we are making available to you. While Aria will cover the cost of these services, you will need to complete the activation process.
For More Information. We understand that you may have questions about this incident that are not addressed in this letter. If you have additional questions, please call our call center at 855-604-1651, Monday through Friday, except holidays from 9:00 a.m. to 9:00 p.m. Eastern time.
