Just as the Securities and Exchange Commission is sharpening its focus on cybersecurity breaches at broker dealers and registered investment advisors, Interactive Brokers is reporting private client information has been targeted.
In January, Interactive Brokers, which specializes in equities and options trading, "identified a business email compromise that resulted in the unauthorized access to a limited amount of consumer personal information," according to a sample letter to clients the firm filed on Thursday with Massachusetts. "The company activated its incident response protocols and implemented containment and remediation measures to ensure the security of the company’s email environment."
"Our investigation determined the following types of your information may have been impacted by this incident: your name" and another piece of unidentified information, according to the Interactive Brokers letter. "At this time, we have no evidence that your information was subject to actual or attempted misuse as a result of this incident."
It is not clear how many of the firm's clients have felt an impact of the email breach.
Broker-dealers and RIAs have to be constantly vigilant for such data break-ins.
"Sophisticated hackers for last 10 years have constantly improved their ability to breach systems, and it's up to firms to match them," said Sander Ressler, managing director, Essential Edge Compliance Outsourcing Services. "I think the industry will continue to fight that struggle in foreseeable future."
"When they get hit with a data breach, firms become susceptible to regulators' investigations, enforcement actions and lawsuits, because customer information has been compromised," said Brandon Reif, an industry attorney.
"We have notified certain clients of a limited business email compromise by an unknown malicious actor," an Interactive Brokers' spokesperson wrote in an email. "There is no evidence that any client’s information was subject to actual or attempted misuse as a result of this incident, and there is no evidence that there was any unauthorized access to any client’s account, or to any of [the firm's] systems."
In a move to modernize regulation around how certain institutions handle customers’ nonpublic personal information, the SEC this month said that it adopted critical amendments to Regulation S-P.
This move is intended to address the growing risks associated with technological advancements since the rule’s initial adoption in 2000. Under the amendments, broker-dealers, investment companies, registered investment advisers, and transfer agents will have to meet new requirements to safeguard customer data.
Among the updates to Regulation S-P, covered institutions are mandated to establish written policies and procedures for an incident response program. This program must include measures to detect, respond to, and recover from unauthorized access to or use of customer information.
With certain limited exceptions, the new rules also require firms to notify affected individuals, or those reasonably likely to have been affected, as soon as practicable, but no later than 30 days after the institution becomes aware of a breach.
The "Crypto Mom" departure would leave the SEC commission with just two members and no Democratic commissioners on the panel.
IFP Securities’ owner, Bill Hamm, has a long-term plan for the firm and its 279 financial advisors.
Meanwhile, a Osaic and Envestnet ink a new adaptive wealthtech partnership to better support the firm's 10,000-plus advisors, and RIA-focused VastAdvisor unveils native integrations with leading CRMs.
A former Alabama investment advisor and ex-Kestra rep has been permanently barred and penalized after clients he promised to protect got caught in a $2.6 million fraud.
As more active strategies get packaged into the ETF wrapper, advisors and investors have to look beyond expense ratios as the benchmark for value.
Wellington explores how multi strategy hedge funds may enhance diversification
As technical expertise becomes increasingly commoditized, advisors who can integrate strategy, relationships, and specialized expertise into a cohesive client experience will define the next era of wealth management
