Another breach of a huge financial institution has leaked the personal information of thousands of customers to the public. TechCrunch reported that an unidentified hacker obtained 77,009 customers’ personal data from the asset management firm Fidelity Investments.
A filing by Maine’s attorney general posted yesterday revealed that the unidentified third party obtained the information in mid-August using two phony customer accounts. It’s not yet known how these accounts were used to access customer data. Fidelity said in a letter to its customers that it discovered the breach on August 19. The letter also said that the unidentified party did not access customers’ Fidelity accounts but after Fidelity completed its review, it confirmed that customers’ personal data had been breached.
The New Hampshire attorney general’s office filed a second data breach notice yesterday revealing another “data security incident” of Fidelity Investments’ customer data. The notice says the unauthorized third party obtained access to “an internal database that houses images of documents pertaining to Fidelity customers” by submitting fake requests for access also on August 19. The second data breach did not provide unwanted access to any customer accounts or funds and the leaked information only “related to a small subset of Fidelity’s customers.”
If you believe your data has been obtained by unwanted parties or is part of a data leak, the Federal Trade Commission recommends putting a freeze and fraud alerts on your credit reports and personal bank and credit card accounts. You can also report any identity theft incidents at IdentityTheft.gov or by calling 1-877-438-4338.
This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/data-breach-of-fidelity-leaks-77000-customers-personal-data-214248985.html?src=rss