CUSO Financial Services Data Breach Investigation

Turke & Strauss LLP, a leading data breach law firm, is investigating CUSO Financial Services, LP (“CFS”) regarding its recent data breach. The CFS data breach involved sensitive personal information belonging to an undetermined number of individuals.

ABOUT CUSO FINANCIAL SERVICES, LP:

CFS is a nationwide broker-dealer and registered investment advisory firm based in California. Founded in 1997, CFS specializes in serving credit unions and banks along with bank or credit union-owned broker-dealers.² To that end, CFS focuses on developing and customizing investment programs within financial institutions and providing strong support for their financial professionals.² Headquartered in San Diego, California, CFS has regional program management offices across the United States and employs more than 200 individuals.

WHAT HAPPENED?

On October 20, 2023, CFS discovered that it had experienced a data breach in which sensitive personal information may have been accessed and acquired. Through its investigation, CFS determined that an unauthorized party may have accessed this sensitive information through a vulnerability in an email application, Barracuda Networks. On February 16, 2024, CFS notified individuals whose information may have been impacted. The exact type of personal information potentially exposed has not been made publicly available by CFS. However, according to state reporting guidelines, “personal information” can include the following types of information:

• Name
• Social Security number
• Driver’s license number
• Government issued ID number (e.g., state ID number, tax ID number, passport, military ID number)
• Financial information (e.g., Account number/credit or debit card number, in combination with password/access code)
• Medical information
• Health insurance information
• Unique biometric data
• Genetic data