SEI Investments Co., a fund administrator for Pacific Investment Management Co., Angelo Gordon & Co., Centerbridge Partners and other money managers, said a cyberattack at one of its key vendors exposed data.
The attack involved data on SEI clients, according to a statement from an SEI spokesperson.
One of SEI Investments’ vendors, M.J. Brunner Inc., was breached in a ransomware attack that occurred on May 17, and the root cause was not related to vulnerability of SEI’s systems, the spokesperson said.
“We take our clients’ security very seriously, and we are working with Brunner, the Federal Bureau of Investigation and our impacted clients to understand the extent to which SEI’s or our clients’ data has been exposed,” the spokesperson said. Representatives for M.J. Brunner didn’t respond to a request for comment.
The episode comes amid heightened sensitivity to cybercrime in the financial services industry. The Securities and Exchange Commission issued a bulletin earlier this month warning that ransomware attacks are becoming more sophisticated. Chief technology officers have also been under pressure as firms moved operations to remote setups because of nationwide lockdowns to stem the spread of COVID-19.
A spokesperson for Pimco confirmed that the company was aware of the cyberattack on SEI’s vendor and that information from certain investors in Pimco’s private funds had been revealed.
“Pimco is committed to ensuring the privacy of client information and is working with SEI to determine what data was disclosed and has informed clients that may have been impacted,” the spokesperson said.
Angelo Gordon and Centerbridge were also among the fund companies whose investors were affected by the attack, according to people with knowledge of the matter. Spokesmen for the firms declined to comment.
Centerbridge found out about the attack on July 16 and told investors the next day, according to one of the people. The impact was limited to only certain contact names and email addresses because Centerbridge had the investor dashboard as a back-up system, so it wasn’t in use at the time of the breach, the person said.
The Wall Street Journal earlier reported the breach, saying the attack involved about 100 of the fund administrator’s clients.
Financial services compliance consultant ACA Group told InvestmentNews it had four clients report receiving emails that impersonated David Bottom, the SEC's chief information officer, with smaller firms being targeted.
Financial advisor Derek Wittjohann shares the lessons he learned after leaving a major wirehouse to set up his own practice in the second installment of InvestmentNews' new 'Independence Stories' series.
Whether a firm manages $50 million or $5 billion in client assets, building a succession strategy needs to be a priority at least a decade out from retirement.
RIA assets are key for broker-dealers right now.
The former investment advisor misled clients in a decade-long scheme to fund international travel expenses, country club fees, and other personal expenses, according to three government agencies.
Orion's Tom Wilson on delivering coordinated, high-touch service in a world where returns alone no longer set you apart.
Barely a decade old, registered index-linked annuities have quickly surged in popularity, thanks to their unique blend of protection and growth potential—an appealing option for investors looking to chart a steadier course through today's choppy market waters, says Myles Lambert, Brighthouse Financial.
