The accounting, consulting and wealth management firm Moss Adams has posted a cybersecurity incident notice centered on an employee email account that was accessed by an unauthorized person compromising PII.

In the statement, which appeared on the California Attorney General’s data breach website, Moss Adams stated that on October 10, 2019 a staffer’s email account was accessed by an unknown third party. Some of the information contained in the breached account included names and Social Security numbers of an undisclosed number of customer or employees.

Only information contained in the email account was exposed, the malicious actor did not obtain access to the company’s general computer network.

The company is in the process of notifying those affected, has started an internal investigation and is offering a year of free account monitoring.

Moss Adams has not yet responded to an SC Media request for additional information.