BusinessPostCorner.com
No Result
View All Result
Sunday, July 19, 2026
  • Home
  • Business
  • Finance
  • Accounting
  • Tax
  • Management
  • Marketing
  • Crypto News
  • Human Resources
BusinessPostCorner.com
  • Home
  • Business
  • Finance
  • Accounting
  • Tax
  • Management
  • Marketing
  • Crypto News
  • Human Resources
No Result
View All Result
BusinessPostCorner.com
No Result
View All Result

CPA firm settles with NY AG Letitia James over data breaches

October 20, 2025
in Accounting
Reading Time: 3 mins read
A A
0
CPA firm settles with NY AG Letitia James over data breaches
ShareShareShareShareShare

Wojeski & Company, a firm based in Albany, New York, has reached a $60,000 settlement with New York Attorney General Letitia James after the firm was hit by two data breaches and ransomware attacks, exposing the personal information of over 4,700 people.

James’s office found the firm took over a year to tell victims about the cyberattacks, even though it’s required to notify them soon after a breach. Under the agreement announced Monday, the firm is required to pay $60,000 in penalties and take steps to improve its cybersecurity measures. Individuals who were affected by the data breaches have been offered one year of free credit report monitoring.

“Ransomware attacks like the ones at Wojeski put consumers at risk,” James said in a statement. “As an accounting firm, Wojeski should have taken stronger measures to protect New Yorkers’ personal data and prevent data breaches that could lead to identity theft and other types of fraud. When New Yorkers pay for a service, they should trust that the company they are paying will not expose their private information. Companies must do more to protect their customers’ data and my office will not hesitate to hold them to account.”

(James has been in the news lately after she was indicted for bank fraud earlier this month by a grand jury. President Trump had publicly urged U.S. Attorney General Pam Bondi and the Justice Department to investigate her. James had successfully led a case against Trump in which he was found liable for fraud in 2023 for exaggerating his net worth by billions of dollars.)

On July 28, 2023, Wojeski employees realized they were undergoing a ransomware attack when they couldn’t access certain files in their systems. After containing the threat and launching an investigation, Wojeski discovered the cyberattack was probably caused by a phishing email sent to one of their employees. The investigation also found that customers’ Social Security numbers were not encrypted in parts of the company’s network. 

On May 31, 2024, Wojeski learned of another data breach when an employee from a firm hired to help with the investigation improperly accessed customer data located in the files that Wojeski had sent for review. The employees were also sending the information to several external email addresses without authorization. 

Wojeski didn’t notify its clients about either security breach until November 2024, a year and a half after their personal data was originally jeopardized. The personal data exposed in one or both incidents included names, dates of birth, Social Security numbers, drivers’ license numbers, email addresses, phone numbers, financial account numbers, medical benefits and entitlement information. The 2023 data breach affected 5,881 individuals, and the 2024 breach affected 351 individuals. Following the data breaches, Wojeski offered free credit monitoring to the individuals who were impacted.

Wojeski did not immediately respond to a request for comment.

As a result of the agreement with the New York Attorney General, Wojeski will pay $60,000 in penalties and is required to adopt stricter security standards to better protect the personal information of its customers in the future, including:

  • Maintaining a comprehensive information security program to protect the security, integrity, and confidentiality of customer information;
  • Encrypting personal information that the company collects, stores, transmits and/or maintains; 
  • Developing and maintaining an inventory of where personal data is being stored within its network;
  • Maintaining reasonable account management and authentication processes that limit employees’ access to sensitive information as necessary; 
  • Establishing a program designed to identify and correct security vulnerabilities within its computer network; 
  • Implementing an incident response plan ensuring timely notice to consumers; and,
  • Implementing a cybersecurity training program to be completed by all employees. 

Credit: Source link

ShareTweetSendPinShare
Previous Post

Zohran Mamdani Favored By Polarmarket Bettors

Next Post

‘Sad, if not damning’: Cathie Wood blasts the proxy firms who say Elon Musk’s $1 trillion pay package is just too rich

Next Post
‘Sad, if not damning’: Cathie Wood blasts the proxy firms who say Elon Musk’s  trillion pay package is just too rich

‘Sad, if not damning’: Cathie Wood blasts the proxy firms who say Elon Musk’s $1 trillion pay package is just too rich

Stranded pollock prompt EU to delay fish import controls for US

Stranded pollock prompt EU to delay fish import controls for US

July 12, 2026
Jensen Huang’s jacket sold at Sotheby’s for almost M—and the money is going to young tech builders

Jensen Huang’s jacket sold at Sotheby’s for almost $1M—and the money is going to young tech builders

July 17, 2026
Gen Z’s AI anxiety isn’t really about AI

Gen Z’s AI anxiety isn’t really about AI

July 14, 2026
Judge rules Trump IRS immunity deal has no ‘basis in law’

Judge rules Trump IRS immunity deal has no ‘basis in law’

July 13, 2026
Trump adviser says leftwing extremism is ‘fatal cancer to civilisation’

Trump adviser says leftwing extremism is ‘fatal cancer to civilisation’

July 16, 2026
Trump says US to abandon proposed Strait of Hormuz cargo fee

Trump says US to abandon proposed Strait of Hormuz cargo fee

July 14, 2026
BusinessPostCorner.com

BusinessPostCorner.com is an online news portal that aims to share the latest news about following topics: Accounting, Tax, Business, Finance, Crypto, Management, Human resources and Marketing. Feel free to get in touch with us!

Recent News

Iran just crossed Trump’s red line for resuming all-out war as fighting worsens with no end in sight

Iran just crossed Trump’s red line for resuming all-out war as fighting worsens with no end in sight

July 18, 2026
Walmart removes four Taylor Farms salads as recalls spread

Walmart removes four Taylor Farms salads as recalls spread

July 18, 2026

Our Newsletter!

Loading
  • Contact Us
  • Privacy Policy
  • Terms of Use
  • DMCA

© 2023 businesspostcorner.com - All Rights Reserved!

No Result
View All Result
  • Home
  • Business
  • Finance
  • Accounting
  • Tax
  • Management
  • Marketing
  • Crypto News
  • Human Resources

© 2023 businesspostcorner.com - All Rights Reserved!