Fidelity Says Data Breach Exposed Personal Data of 77,000 Customers (techcrunch.com)
- Reference: 0175229763
- News link: https://yro.slashdot.org/story/24/10/10/2133224/fidelity-says-data-breach-exposed-personal-data-of-77000-customers
- Source link: https://techcrunch.com/2024/10/10/fidelity-says-data-breach-exposed-personal-data-of-77000-customers/
> Fidelity Investments, one of the world's largest asset managers, has confirmed that [1]over 77,000 customers had personal information compromised during an August data breach , including Social Security numbers and driver's licenses. The Boston, Massachusetts-based investment firm said in [2]a filing with Maine's attorney general on Wednesday that an unnamed third party accessed information from its systems between August 17 and August 19 "using two customer accounts that they had recently established."
>
> "We detected this activity on August 19 and immediately took steps to terminate the access," Fidelity said in a letter sent to those affected, adding that the incident did not involve any access to customers' Fidelity accounts. Fidelity confirmed that a total of 77,099 customers were affected by the breach, and its completed review of the compromised data determined that customers' personal information was affected. When reached by TechCrunch, Fidelity did not say how the creation of two Fidelity customer accounts allowed access to the data of thousands of other customers.
>
> In [3]another data breach notice filed with New Hampshire's attorney general, Fidelity revealed that the third party "accessed and retrieved certain documents related to Fidelity customers and other individuals by submitting fraudulent requests to an internal database that housed images of documents pertaining to Fidelity customers." Fidelity said the data breach included customers' Social Security numbers and driver's licenses, according to [4]a separate data breach notice filed by Fidelity with the Massachusetts' attorney general. No information about the breach was found on Fidelity's website at the time of writing.
[1] https://techcrunch.com/2024/10/10/fidelity-says-data-breach-exposed-personal-data-of-77000-customers/
[2] https://www.maine.gov/agviewer/content/ag/985235c7-cb95-4be2-8792-a1252b4f8318/a4103ed8-3176-4ca0-99e6-4a320f1c3b32.html?7194ef805fa2d04b0f7e8c9521f97343
[3] https://www.documentcloud.org/documents/25199060-fidelity-data-breach-notice-october-2024
[4] https://www.mass.gov/doc/data-breach-report-2024?7194ef805fa2d04b0f7e8c9521f97343
Question... sort of. (Score:2)
I'm confused, I can understand why an investment company would need your social security number, so that it could be tied back to you for tax related purposes. I don't entirely agree with it but OK, fine. But Why would they need your driver's license information at all? If they are able to validate you are who you say you are based on your ID information, there's no need to Keep that set of record data long term.
Social Security Numbers (Score:2)
Why does every business need a copy of my Social Security Number?
Re: (Score:3)
Most don't, and I once told a Spectrum phone agent that she would either complete my order without my SSN, or I would cancel the request completely (she relented). But Fidelity, by dint of being a major financial brokerage/agent with tax reporting requirements to the IRS, does.
Re: (Score:2)
> Why does every business need a copy of my Social Security Number?
To be fair, Fidelity is a financial institution and actually needs your SSN.
Other than that, no idea. Maybe for a credit check, though, again, for the most part, why that too?
Fidelity? (Score:2)
More like Infidelity mirite?
And no one was punished (Score:2)
"Sorry, customers... tough luck for you!"
Re: (Score:1)
Prosecution.