Redtail Technology exposes sensitive client data

• Redtail’s logging systems inadvertently captured a small subset of the sensitive client data and stored in a file that was publicly available on the internet.
• The unprotected file contained personal information 0f clients’ such as names, physical addresses, dates of birth, and Social Security numbers.

What is the issue?

Redtail Technology has exposed the personal information of clients that have been stored in its client relationship management (CRM) software.

What happened?

Redtail discovered on March 4, 2019, that its logging systems inadvertently captured a small subset of the sensitive client data and stored in a file that was publicly available on the internet.

What information was exposed?

The unprotected file contained personal information 0f clients’ such as names, physical addresses, dates of birth, and Social Security numbers.

What was the response?

• Upon discovery, Redtail immediately removed access to the unprotected file.
• The company then conducted a comprehensive investigation and developed specific applications to determine which clients' data was exposed.
• However, it took time for the company to remediate because of the nature of the data, the format in which the data was stored, and the time it took to consolidate and correlate with Redtail's databases.

Redtail is currently notifying the impacted clients about the incident and is providing free credit and identity theft monitoring and remediation services from Symantec.

Brian McLaughlin, CEO at Redtail confirmed that this was not an intentional attack caused by third-parties. It is a temporary exposure which has been remediated.

“Less than 1% of Redtail clients were affected by this data exposure. We are taking this matter very seriously and are doubling down on our efforts to ensure that our customers' data is safe and secure,” McLaughlin said, InvestmentNews reported.