On Aug. 11, 2025, Wellborn & Company, an accounting firm based in Albuquerque, New Mexico, was notified by its third-party IT provider of a ransomware attack. The incident was not a direct breach of Wellborn & Company’s own systems, but rather occurred through its external IT vendor, which reported that cybercriminals had accessed and downloaded certain data stored on their systems.
The company learned through a subsequent investigation with cybersecurity specialists that the breach involved personal information, including names and other types of data specific to each individual. The full scope of the information exposed has not been publicly detailed, but the notice to consumers indicates that it may include personally identifiable information (PII) such as names and potentially other financial or tax-related details.
Wellborn & Company began notifying affected individuals after confirming the extent of the breach. The breach was disclosed to the Vermont Attorney General’s office on Oct. 13, 2025.
The severity of the breach is notable due to the nature of the compromised data and the method of attack. Ransomware events involving third-party vendors can be particularly damaging, as they may affect multiple clients and complicate recovery efforts. The attackers were able to access and exfiltrate data before the breach was contained, increasing the risk of identity theft or fraud for affected individuals.
To support those affected, Wellborn & Company is offering complimentary identity monitoring services through IDX, including credit monitoring and identity theft protection. Affected individuals can enroll in these services using a unique enrollment code provided in their notification letter. The deadline to enroll is Jan. 10, 2026.
The company is also encouraging affected individuals to remain vigilant by monitoring their account statements and credit reports for suspicious activity. Additional resources are provided in the notice, including instructions for obtaining a free IRS Identity Protection PIN, which can help prevent fraudulent tax filings. For more information, individuals can contact the dedicated assistance phone line listed in the notice.