Posted On August 3, 2022 Consumer Privacy & Data Breaches
August 3, 2022 – On July 29, 2022, the accounting firm of Wisan Smith Racker & Prescott (“WSRP, LLC”) reported a data breach after the company learned that an unauthorized party was filing fraudulent tax returns on behalf of its clients. Based on an official filing from the company, the incident resulted in an unauthorized party gaining access to the following data types: names, Social Security numbers, driver’s license numbers, passport numbers, financial account information, electronic signatures, medical information and health insurance information. After confirming that consumer data was leaked, WSRP began sending out data breach notification letters to all individuals who were impacted by the recent data security incident.
If you received a data breach notification, it is essential you understand what is at risk. The data breach lawyers at Console & Associates, P.C. are actively investigating the WSRP data breach on behalf of people whose information was exposed. As a part of this investigation, we are providing free consultations to anyone affected by the breach who is interested in learning more about the risks of identity theft, what they can do to protect themselves, and what their legal options may be to obtain compensation from Wisan Smith Racker & Prescott.
According to an official notice filed by the company, on June 14, 2022, WSRP learned that an unauthorized party had filed fraudulent tax returns on behalf of several of the company’s clients. In response, WSRP conducted an investigation into the incident, learning that one of the company’s systems had been breached. In response, WSRP engaged the assistance of cybersecurity professionals to determine the nature and scope of the incident, as well as what, if any, consumer data was leaked as a result.
The WSRP investigation confirmed that an unauthorized party gained access to this company’s computer system at various times from April 21, 2022, until April 28, 2022, and again on May 26, 2022. The investigation also revealed that the unauthorized party stole certain files containing sensitive client data.
Upon discovering that client data was accessible to an unauthorized party, WSRP, LLC then reviewed the affected files to determine what information was compromised and which consumers were impacted. While the breached information varies depending on the individual, it may include your name, Social Security number, driver’s license or state identification card number, passport number, military identification number, government-issued identification number, financial account information, date of birth, electronic signature, medical information, and health insurance information.
On July 29, 2022, WSRP, LLC sent out data breach letters to all individuals whose information was compromised as a result of the recent data security incident.
Founded in 1985, Wisan Smith Racker & Prescott is an accounting firm based in Salt Lake City, Utah. The firm provides assistance to individuals and businesses related to tax audits and tax services and also serves as a business consultant for its corporate clients. WSRP also provides a suite of related services, including those related to valuation, risk management, succession planning, and employee benefit plans. WSRP, LLC employs more than 100 people and generates approximately $18 million in annual revenue.
At Console & Associates, P.C., our consumer privacy lawyers monitor all security and data breaches to help affected consumers pursue their legal remedies. We offer free consultations to victims of data breaches and can explain your rights in clear, understandable terms so you can make an informed decision about how to proceed with your case. If you’ve been affected by the WSRP data breach or any other data security incident, Console & Associates, P.C., will investigate your case at no charge and offer you thorough advice about how to most effectively proceed with your case. If you decide to bring a case, we only get paid if you do. If your claim is successful, any legal fees are either paid by the defendant or come out of the funds recovered from the defendant. If your claim doesn’t result in a recovery, you will pay nothing.
Below is a copy of the initial data breach letter issued by Wisan Smith Racker & Prescott (the actual notice sent to consumers can be found here):
WSRP, LLC (“WSRP”) is writing to notify you of an incident that may affect the privacy of some of your information. We are providing you with information regarding the incident, our response to it, and resources available to you to help better protect your information, should you feel it appropriate to do so.
What Happened? On June 14, 2022, WSRP was made aware of fraudulent tax return filings related to certain individuals. We began to review our systems and subsequently identified suspicious activity relating to a single system within our network. We worked quickly to secure the system and launched an investigation with the assistance of third-party computer specialists to determine the full nature and scope of any unauthorized activity. Through the investigation, we determined that an unauthorized actor gained access to this system at various times from April 21, 2022 until April 28, 2022, and again on May 26, 2022. During the period of unauthorized access, our investigation determined that certain files were downloaded without authorization. We reviewed these files to determine the nature of the files and identify individuals contained within the same, and locate address information for affected individuals. This review was completed on July 14, 2022.
What Information Was Involved? One or more of the following elements related to you may have been contained within the downloaded files if previously provided to WSRP: name, Social Security number, driver’s license or state identification card number, passport number, military identification number, other government issued identification number, financial account information, date of birth, electronic signature, medical information, and health insurance information.
What We Are Doing. We take this event and the security of information in our care seriously. As part of our ongoing commitment to the privacy of information in our care, we implemented additional technical security measures to mitigate reoccurrence of this type of event. Further, we are also reviewing and enhancing existing policies and procedures and conducting additional workforce data privacy training.
What You Can Do. We encourage you to remain vigilant against incidents of identity theft and fraud by reviewing your account statements and free credit reports for suspicious activity and to detect errors. We also recommend you review the “Steps You Can Take to Protect Personal Information” section of this letter. Further, you may enroll in the offered complimentary credit monitoring and identity protection services.
For More Information. If you have additional questions you may contact us by phone at 801-328-2011 or by email at [Redacted]. You may also write to us at WSRP, LLC at 155 N 400 W, STE 400, Salt Lake City, Utah 84103.