This notice relates to a data security event that Crowe Soberman LLP (Crowe) discovered on December 13, 2024. Crowe was unable to directly notify a subset of the affected individuals because Crowe did not have valid contact information for them. This website notice serves as an indirect notification to this undeliverable population.
On December 13, 2024, Crowe discovered suspicious activity involving its file servers. We promptly launched a comprehensive investigation with the support of third-party cybersecurity experts to assess the nature and scope of the incident. The investigation determined that an unauthorized third party gained access to Crowe’s environment between November 26 to December 13, 2024. Although this access was immediately terminated upon discovery, some personal information in Crowe’s possession was accessed by the unauthorized third party. Following the December incident, Crowe implemented enhanced security monitoring measures. On June 28, 2025, these efforts led to the detection of a separate, limited event involving certain user accounts. The investigation determined that an unauthorized user had gained access to Crowe’s environment between June 22 and June 28, 2025. This access was also promptly terminated, and Crowe worked quickly with its cybersecurity partners to terminate the unauthorized activity.
The forensic investigation determined that some of your personal information was impacted by one of the above incidents. This varied by individual and may include your name, physical addresses, dates of birth, Social Insurance Numbers, driver’s license details, passport information, tax records, and medical information you may have shared with Crowe. We have no information or reason to believe that your data was targeted specifically, nor that the information is actually being misused in any way.
We have taken the steps necessary to address the event and are committed to fully protecting the information entrusted to us. Upon discovering this event, we immediately took steps to secure our environment and hired external experts to investigate. We have reported this incident to the Canadian Centre for Cyber Security and the Office of the Privacy Commissioner.
We encourage you to remain vigilant against identity theft and fraud by staying alert for suspicious calls or emails, monitoring your affairs and monitoring your free credit reports for unusual activity and errors. We take the safety and security of your information very seriously. To determine whether you were affected by this event, please contact Crowe Soberman at +1 647 288 2725 or [email protected].