Fidelity Admits Over 70k Accounts Affected by Data Breach
Hackers Exploit Two Newly Opened Accounts to Access Customer Data
The $4.9 trillion assets manager, Fidelity Investments, revealed in a notice to the Maine attorney general’s office on Wednesday that they suffered a data breach that compromised the personal information of about 77,000 customers.
Although it is unclear how the hackers were able to access customer data, Fidelity says two new accounts were likely behind the attacks on August 19.
Fidelity Offers Little Information About The Breach
In a notification letter sent to the affected customers, Fidelity stated,
“We detected this activity on August 19 and immediately took steps to terminate the access.”
They explained that the breach occurred when hackers exploited two recently established customer accounts to gain access to information for a small subset of the company’s 51.5 million customers.
The manager subsequently launched an investigation, and Fidelity assured customers that the attack did not compromise any customer accounts or funds.
Free Services to Affected Customers
As a result of the breach, Fidelity offered affected clients two years of credit monitoring and identity restoration service through Transunion LLC.
They also reminded clients to update their passwords regularly and review their financial accounts regularly to look for fraudulent or suspicious activity or identity theft.
More on the Asset Manager
Fidelity Investments is a multinational American financial service company that diversified into the crypto markets with its subsidiary, Fidelity Digital Assets.
Its spot Bitcoin ETF became one of the fastest-growing ETFs globally, ranking as the ninth largest by assets under management (AUM) this decade, in barely a year. It trails only behind another major player in asset management, BlackRock.
This isn’t Fidelity’s first cyber incident. The assets manager was exposed earlier this year after attackers obtained the company’s customer data through Infosys McCamish System. About 28,000 individuals had their names, dates of birth, states of residence, Social Security numbers, bank account and routing numbers, and credit card numbers exposed.
