Morgan Stanley has reported that some of its clients’ personal data was compromised earlier this year after it learned of a security breach involving one of its vendor partners.
The investment bank was notified in May by Guidehouse, a vendor that provides account maintenance services to Morgan Stanley’s StockPlan Connect business, that it had suffered an information security incident, according to a July 2 letter Morgan Stanley sent to the New Hampshire Attorney General's office.
The files obtained from the vendor included: clients’ name; address; date of birth; Social Security number; and corporate company name. However, the files did not contain passwords that could be used to access financial accounts, according to the letter that was posted online and verified by a Morgan Stanley spokesperson.
“The protection of client data is of the utmost importance and is something we take very seriously,” a company spokesperson wrote in an email. “We are in close contact with Guidehouse and are taking steps to mitigate potential risks to clients.”
The breach was previously reported by Bleeping Computer.
Although the data were obtained by the unauthorized individual in January, the vendor didn't discover the attack until March, and didn't discover the impact to Morgan Stanley until May, according to the memo.
Morgan Stanley said attackers gained access to the information by exploiting a vulnerability, which was patched within five days, and that impacted participants will have access to 24 months of free credit monitoring services.
The security breach comes on the heels of a recent string of ransomware attacks on multiple companies, including the attack by DarkSide on the Colonial Pipeline that highlights how crippling these types of cyberattacks can be for a business.
Wealth managers, for one, make easy targets because they publicly diclose their assets under management, and hackers see that as an ability to pay a ransom, said John O’Connell, president and founder of The Oasis Group. Wealth managers also hold some of the most sensitive client data that directly connects to clients' finances — a potential gold mine for a cybercriminal.
A Texas-based bank selects Raymond James for a $605 million program, while an OSJ with Osaic lures a storied institution in Ohio from LPL.
The Treasury Secretary's suggestion that Trump Savings Accounts could be used as a "backdoor" drew sharp criticisms from AARP and Democratic lawmakers.
Changes in legislation or additional laws historically have created opportunities for the alternative investment marketplace to expand.
Wealth managers highlight strategies for clients trying to retire before 65 without running out of money.
Shares of the online brokerage jumped as it reported a surge in trading, counting crypto transactions, though analysts remained largely unmoved.
Orion's Tom Wilson on delivering coordinated, high-touch service in a world where returns alone no longer set you apart.
Barely a decade old, registered index-linked annuities have quickly surged in popularity, thanks to their unique blend of protection and growth potential—an appealing option for investors looking to chart a steadier course through today's choppy market waters, says Myles Lambert, Brighthouse Financial.
