Fidelity Investments is the latest American company to fall victim to a major data breach.
Although the company is one of the world’s largest asset management companies, it still lacks a cybersecurity infrastructure in place. The incident marks the company’s second breach in 12 months, which occurred in August.
No Fidelity accounts were compromised, but personal information was compromised, including social security numbers and driver’s licenses.
Illustration of a hacker on a laptop. (Kurt “Cyber Guy” Knutson)
what happened?
Fidelity Investments is Submitted to the Maine Attorney General An anonymous third party allegedly gained access to information on the system using two recently established customer accounts. There is no mention of how the creation of two Fidelity customer accounts allowed access to the data of thousands of other customers.
“We detected this activity on August 19th and took immediate steps to terminate access,” Fidelity said in a letter to those affected. The company confirmed that the data breach compromised the personal information of more than 77,000 customers, but did not include access to any Fidelity accounts. This incident represents only a small portion of its overall customer base of 51.5 million people.
The breach occurred between August 17th and 19th, and the attackers gained access to customer names and other personally identifying information, such as Social Security numbers and driver’s licenses. After detecting the breach, Fidelity was able to stop the unauthorized access on August 19th.
A man surfing on his mobile phone. (Kurt “Cyber Guy” Knutson)
MoneyGram hack exposes sensitive customer data and crippled services
Is Fidelity doing anything about this breach?
“We take this incident and the security of your information very seriously,” the company said in a notice sent to affected customers. “As mentioned above, after detecting this activity, we We immediately put a stop to it and took steps to address the situation.” But it’s difficult to gauge how seriously people are taking this incident, especially since this is the second such incident in 2024 alone.
Fidelity will provide 24 months of free credit monitoring and identity restoration services to users affected by this breach. The company also encourages individuals to remain vigilant, regularly review their financial statements, and report any suspicious or fraudulent activity.
Click here for more US news
Illustration of a hacker at work. (Kurt “Cyber Guy” Knutson)
6 ways to protect yourself from data breaches
1. Enable two-factor authentication (2FA) on all accounts. One of the most effective ways to protect your personal and financial information from hackers is to enable: Two-factor authentication (2FA) Everywhere possible. This provides an extra layer of security by requiring two forms of authentication, such as a password and a one-time code sent to your mobile phone, before granting you access to your account. Even if your password is stolen, 2FA can prevent hackers from gaining access to your account.
2. Monitor your financial accounts regularly. After a data breach, it’s important to regularly monitor bank statements, credit card transactions, and even small purchases, especially if sensitive financial information such as transaction details or bank account numbers has been compromised. is. Look for any fraudulent activity, no matter how minor, and report it to your bank or service provider immediately.
CLICK HERE TO GET FOX BUSINESS ON THE GO
3. Change your password and use a strong, unique password. Fidelity customers who reuse passwords across multiple accounts should update their login information immediately. A strong password is a combination of uppercase and lowercase letters, numbers, and symbols that make it difficult for hackers to guess or crack. Please consider using . password manager Securely store and generate complex passwords.
4. Sign up for identity theft protection. Given that hackers stole Social Security numbers, government-issued IDs, and other sensitive information in the Fidelity breach, affected customers should consider signing up for identity theft protection. These services notify you when someone tries to open a new line of credit or loan in your name, so you can take immediate action to prevent identity theft. You can also place fraud alerts or freezes on your credit report to prevent unauthorized access. Check out our tips and recommendations on how to protect yourself from identity theft.
5. Beware of phishing attacks and scams. After a data breach, we often see data growth. Phishing attackIn , scammers pose as legitimate companies and try to trick users into revealing additional personal information. Always double-check the authenticity of emails, especially those that request sensitive information. Don’t click on links or download attachments from suspicious sources. If you have a request for information, please contact the company directly for confirmation.
The best way to protect yourself from malicious links that can install malware and access your personal information is to install antivirus software on all your devices. This protection also warns you about phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best antivirus protection products of 2024 for Windows, Mac, Android, and iOS devices.
6. Invest in a personal data deletion service. No service promises to remove all data from the Internet, but if you want to constantly monitor and automate the process of removing information from hundreds of sites over an extended period of time, a removal service is a good option. is the best. Check out the data deletion services I recommend here.
World’s largest stolen password database uploaded to criminal forum
Cart important points
Fidelity manages more than $14 trillion in assets, which speaks to the company’s revenue and customer expectations for the protection of their data and assets. However, robust cybersecurity doesn’t seem to be a top priority for Fidelity. Instead of implementing meaningful security measures, the company appears to be taking a “slap on the wrist” approach by getting people to sign up for a service that simply shifts the responsibility of monitoring for violations onto individuals. It lacks individual-level security measures, such as row-level security and authentication tokens that require individual approval to access records.
CLICK HERE TO GET THE FOX NEWS APP
Should companies like Fidelity be subject to harsher penalties for repeated violations? Cyberguy.com/Contact
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report newsletter using the link below. Cyberguy.com/Newsletter
Ask your cart a question or let us know your story you’d like us to feature.
Follow Kurt’s social channels:
Answers to frequently asked questions at CyberGuy:
New from cart:
Copyright 2024 CyberGuy.com. Unauthorized reproduction is prohibited.
