Fidelity Investments data breach impacted 77K customers

October 14, 2024
Fidelity Investments Data Breach System Compromise Financial Services Cyberattack

The Boston-based international financial services company Fidelity Investments disclosed that it suffered a system compromise in August that impacted about 77,000 of its customers.

Reports revealed that the data breach incident had affected the personal information of the alleged clients. Fidelity is one of the world’s most prominent asset managers, with $5.5 trillion under management and $14.1 trillion in funds under administration.

Additionally, it is the home to more than 75,000 associates in multiple countries across North America, Europe, Asia, and Australia. In a legal filing, the company stated that an unidentified individual stole the company database using two newly generated customer accounts between August 17 and 19.

 

Fidelity Investments revealed that they immediately suspended the unauthorised access upon identifying the incident.

 

Fidelity Investments explained that it immediately investigated and suspended the unauthorised access after uncovering it on August 19. The company also disseminated a data breach notification, which revealed that it immediately launched an investigation with the assistance of a third-party security provider.

Moreover, the company assured everyone that no one had access to their Fidelity accounts besides the hired third-party security provider that acquired a tiny subset of client data. Fidelity also stated that the incident exposed the data of 77,099 clients but has yet to disclose what personal information was stolen, except names and other personal identifiers.

The head of the company’s external corporate communications said that they could not provide information on how the attackers acquired initial access to execute the attack.

The business still offers free 24-month credit monitoring and identity restoration services despite insisting that there is no proof of misuse or stolen customer data. Potentially affected customers should be wary of their unsolicited communications since the exposed data could allow the threat actors to execute other forms of cybercriminal operations.

About the author

Leave a Reply