BlackRock's data leak mostly strikes LPL advisers

Data on about 20,000 financial advisers was posted inadvertently, including 12,000 at LPL Financial

Jan 22, 2019 @ 10:16 am

By Bloomberg News

A data leak revealed last week at BlackRock Inc. exposed the names, email addresses and other information of about 20,000 advisers who are clients of the asset manager, including 12,000 at LPL Financial, the largest U.S. independent broker-dealer.

"BlackRock inadvertently posted a small number of sales-related documents, which were up for a short period of time, and promptly removed," the company said Monday in an emailed statement. "The information related to a very limited number of wealth management platforms impacting approximately 20,000 independent advisers in the U.S."

LPL informed advisers over the weekend that BlackRock posted details about some of them on its website. The leak affected advisers who do business with BlackRock's iShares exchange-traded funds unit.

"After being informed by BlackRock of this issue, our first priority was to reach out to our advisers to make them aware of the situation and share the details we had learned," Jeffrey Mochal, a spokesman for LPL, said Sunday in a statement. "We will continue to stay in close communication with BlackRock as they research the incident and will share information with our advisers as it becomes available."

ETF business

BlackRock and LPL are the latest financial firms to be ensnared in a data issue affecting a key part of their business.

ETF sales are crucial to BlackRock, which runs the world's largest ETF business. Such products account for one-third of the approximately $6 trillion in assets BlackRock oversees. Registered financial advisers who work with brokerages such as LPL are a key channel for getting ETFs into individual investor portfolios.

BlackRock didn't identify the other platforms affected. The company said it "recognizes the seriousness of the error and we deeply regret that it occurred. We always seek to treat the information entrusted to us with great care."

Bloomberg News reported Friday that BlackRock accidentally released information on thousands of financial advisers on its website. The data appeared in several spreadsheets, some of which included designations such as "club level." LPL categorizes advisers with such tiers, including a so-called "Chairman's Club" for some top performers.

In its statement, BlackRock said the disclosures resulted from human error. "There was no security breach and no compromise of BlackRock systems," the company said.

Sales-related information for an internal customer relationship management-related system was inadvertently posted on iShares.com, LPL said.

‘Limited scope'

BlackRock said it notified affected firms about the leak, and that after performing reviews of its website, the company is confident it understands the "limited scope and implications" of the issue.

"The sales related documents did not relate to any other client businesses at BlackRock," according to the statement.

"No information about financial advisers' end clients was included," BlackRock said. "And no sensitive personal or financial information about advisers or anyone else was included. Additionally, there were no ticker- or portfolio-level holdings information disclosed."

LPL serves more than 16,000 financial advisers, providing functions including trading and compliance. In a separate incident in November, LPL said that it was investigating a data breach at a vendor firm, Capital Forensics Inc., that put investors' personal information at risk.

Capital Forensics confirmed at the time that the attack exposed data from a "small number" of its clients.

Keeping information secure is an increasingly important issue at financial firms, forcing them to brace against both cyber attacks and human error.

Data losses

"Inadvertent exposure and loss of data is more common than we think," Rahul Telang, a professor of information systems and management at Carnegie Mellon University, said in an interview. "A lot of time the firms spend a lot of money trying to protect data from hackers but small errors on the part of a human can have the same effect."

Karen Barr, president and chief executive officer of the Investment Adviser Association, said any advisers concerned their information may have been disclosed should start by taking stock of what was released.

"The first step is to assess the depth and type of the information" that was available, she said. "You really put your arms around the issue and the extent of the potential damage."

(More: Crackdown showdown: Serious cybersecurity enforcement is coming in 2019, but are advisers ready?)

0
Comments

What do you think?

View comments

Upcoming event

Nov 13

Conference

Top Advisory Firm Summit

Formerly known as the Best Practices Workshop, this new one-day conference will also include content from the Best Places to Work event!The Top Advisory Firm Summit will provide CEOs, COOs, CTOs, CMOs, and Managing Partners from the... Learn more

Most watched

INTV

Schwab's Jeff Kleintop: Prep for volatility given China trade uncertainties

China could be considered a developed market in five to seven years , according to Jeff Kleintop, chief global investment strategist, Charles Schwab.

INTV

Young advisers envision a radically different business in five years

Fintech and sustainable investing are two factors being watched closely by some of the 2019 class of InvestmentNews' 40 Under 40.

Latest news & opinion

TIAA exits the life insurance business

The move is a big deal for RIAs, experts say, since TIAA was one of only a few insurers to offer fee-only life policies.

Advisers step up efforts to help clients manage student loan debt

As some Democrats campaign to wipe the slate clean, financial planners focus on limiting the amount students borrow.

Funding for Reg BI, other SEC advice reform efforts denied in Waters amendment

House likely to approve measure that effectively kills rule package, but it faces uphill battle in Senate

Wall Street lashes out at Sanders' plan to pay off student debt with a securities trading tax

Financial pros argue that a transaction levy will hurt mom-and-pop investors along with investment houses.

GPB paid B-Ds and reps steep commissions to sell troubled private placements

GPB paid commissions of 9.3%, or $167 million altogether, on the firm's private placements.

X

Hi! Glad you're here and we hope you like all the great work we do here at InvestmentNews. But what we do is expensive and is funded in part by our sponsors. So won't you show our sponsors a little love by whitelisting investmentnews.com? It'll help us continue to serve you.

Yes, show me how to whitelist investmentnews.com

Ad blocker detected. Please whitelist us or give premium a try.

X

Subscribe and Save 60%

Premium Access
Print + Digital

Learn more
Subscribe to Print