-
Until last April, the young adviser now at the center of Morgan Stanley's massive client data breach was a sales assistant who spent the majority of his career under the tutelage of one the firm's wealth management teams.
January 9 -
The leak of client records at Morgan Stanley illustrates the danger posed when just one employee has unauthorized or unsecured access to sensitive information, as well as the ongoing threat to financial institutions from insider theft.
January 7
The Federal Trade Commission has closed its investigation of Morgan Stanley's massive data breach. It has identified the problem that allowed the breach to happen: access controls to a narrow set of reports were improperly configured.
According to Morgan Stanley, a rogue employee in December
The bank said it caught this breach within hours, quickly fired the employee and the account information was wiped off Pastebin. Morgan Stanley also shut down the software that the employee used to access the records.
The
In an emailed statement, Morgan Stanley said it "promptly alerted law enforcement and regulators, notified affected clients, changed account numbers and offered identity protection services. We worked quickly to mitigate the issue and implemented enhanced security safeguards. There is no evidence of fraud occurring on the affected client accounts as a result of this incident."
Although the FTC closed the investigation, the commission said it "reserves the right to take such further action as the public interest may require."