Fidelity Investments has confirmed a significant data breach affecting tens of thousands of its customers, exposing sensitive personal information, including Social Security numbers and driver’s licenses.
The breach, which occurred in August, was disclosed in regulatory filings with the attorney generals of Maine, New Hampshire, and Massachusetts.
According to its filing submitted to Maine’s attorney general on Wednesday, Fidelity stated that the breach took place between August 17 and August 19, when an unnamed third party gained access to the data through two customer accounts.
It remains unclear how an external actor could have gained access to its broad database of customer information by setting up user accounts.
“We detected this activity on August 19 and immediately took steps to terminate the access,” Fidelity said in a letter giving notice to its impacted customers. The firm emphasized that no Fidelity customer accounts were accessed as part of the incident.
The Boston-based investment giant completed its investigation and confirmed that personal information was compromised, impacting 77,099 individuals.
A separate data breach notice filed with New Hampshire’s attorney general revealed that the attackers “accessed and retrieved certain documents” related to customers through fraudulent requests to an internal database. This database contained images of various documents tied to Fidelity customers and other individuals.
Meanwhile, a data breach report maintained by the government of Massachussets shows Fidelity reporting an incident that impacted 2,768 residents of the state, which compromised Social Security Numbers, financial accounts and drivers licenses.
As of Thursday afternoon, the company's website had not made any public declarations about the incident. The firm has not provided specific information on whether any of the stolen data has been misused.
Separately, Fidelity recently announced it would restrict third parties' access to retirement accounts via credential sharing, particularly fintech firms that use it to access, manage, and trade within their clients' employer-sponsored retirement accounts.
Fidelity, one of the largest asset managers globally, serves over 51 million individual investors and manages approximately $14.1 trillion in customer assets as of June 2024. It remains unclear whether the company plans to release additional details or updates on this breach.
Rajesh Markan earlier this year pleaded guilty to one count of criminal fraud related to his sale of fake investments to 10 clients totaling $2.9 million.
From building trust to steering through emotions and responding to client challenges, new advisors need human skills to shape the future of the advice industry.
"The outcome is correct, but it's disappointing that FINRA had ample opportunity to investigate the merits of clients' allegations in these claims, including the testimony in the three investor arbitrations with hearings," Jeff Erez, a plaintiff's attorney representing a large portion of the Stifel clients, said.
Chair also praised the passage of stablecoin legislation this week.
Maridea Wealth Management's deal in Chicago, Illinois is its first after securing a strategic investment in April.
Orion's Tom Wilson on delivering coordinated, high-touch service in a world where returns alone no longer set you apart.
Barely a decade old, registered index-linked annuities have quickly surged in popularity, thanks to their unique blend of protection and growth potential—an appealing option for investors looking to chart a steadier course through today's choppy market waters, says Myles Lambert, Brighthouse Financial.
