Public accounting firm Wright, Moore, DeHart, Dupuis & Hutchinson (WMDDH) is notifying over 127,000 individuals that their personal information was stolen in a July 2023 data breach.
The incident, the company wrote in notification letters to the impacted individuals, was identified on July 11, 2023, when unusual network activity was observed on WMDDH’s network.
However, it took roughly ten months for WMDDH to determine who the compromised personal information belonged to, and an additional two months to identify contact information for the impacted individuals.
According to the accounting firm, the affected personal information included names, Social Security numbers, driver’s license numbers, passport numbers, financial account numbers, and medical and treatment information.
In a filing with the Maine Attorney General’s Office, in which it included a copy of the notification letter, WMDDH said that 127,431 people were affected by the data breach.
The company is providing the impacted individuals with one year of free credit monitoring and identity theft protection services.
“Please review this letter carefully, along with the guidance included with this letter about additional steps you can take to protect your information. In addition, we encourage you to enroll in the credit monitoring and identity theft protection services we are offering,” the firm told the affected individuals.
Based in Lafayette, Louisiana, WMDDH has over 100 employees and provides accounting, audit, consulting, litigation support, management advisory, tax management, and other services.
Related: AT&T to Pay $13 Million in Settlement Over 2023 Data Breach
Related: Carespring Data Breach Exposes Personal and Medical Information of Nearly 77,000 Patients
