![]() While MSSB recovered some of the devices, which were shown toĬontain thousands of pieces of unencrypted customer data, theįirm has not recovered most of the devices. Including servers and hard drives, some of which containedĬustomer PII, and which were eventually resold on an internetĪuction site without the removal of such customer PII. The staff’s investigation found that the movingĬompany sold thousands of MSSB devices to a third-party, Over several years, MSSB failed to properly monitor the movingĬompany’s work. PII of millions of its customers,” the SEC said. With no experience or expertise in data destruction services toĭecommission thousands of hard drives and servers containing the “On multiple occasions, MSSB hired a moving and storage company Understanding and expectation that it will be protected, and MSSBįell woefully short in doing so,” Gurbir S Grewal, director of Their personal information to financial professionals with the “MSSB’s failures in this case are astonishing. The SEC said that as far back as 2015, MSSB failed to properlyĭispose of devices containing its customers’ PII. With the firm that chooses to outsource certain tasks. Third-party data providers and how liability for problems remains The MSSB case also raises questions about the role of Inadvertently put 120,000 persons’ details on a public The story adds to tales of how large institutions have failed to Unauthorized access to, or misuse of, personal client Which occurred several years ago, and have not detected any Previously notified applicable clients regarding these matters, Stanley for comment and may update in due course.Ī report by PC Mag quoted a Morgan Stanley spokespersonĪs saying: "We are pleased to be resolving this matter. Took place over a period of five years, the SEC said in a The firm’s failings to protect personal identifying information The data of approximaely 15 million clients. Morgan Stanley Smith Barney LLC, part of Morgan Stanley, hasĪgreed to pay $35 million to settle charges with the SecuritiesĪnd Exchange Commission for “astonishing” failures to protect It highlights how cybersecurity is not just about avoiding hostile forces from outside organizations – such as hackers – it is also about avoiding failings within organizations. The story adds to other cases of large financial institutions' lapses over protecting client information.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |