Personal information of more than 77,000 customers exposed in Fidelity Investments data breach.

Fidelity Investments is the latest US company to be hit by a massive data breach.

The company is one of the world’s largest asset managers, but it still fails to get its cybersecurity infrastructure in place. The incident marks the company’s second breach in 12 months, occurring in August.

Although no Fidelity accounts were compromised, personal information was exposed, including Social Security numbers and driver’s licenses.

GET SECURITY ALERTS, EXPERT TIPS — SUBSCRIBE TO KURT’S NEWSLETTER — THE CYBERGUY REPORT HERE

Illustration of a hacker on a laptop. (Kurt “CyberGuy” Knutsson)

What happened?

Fidelity Investments said in a filing with Maine Attorney General that an anonymous third party accessed information in its systems using two recently created customer accounts. It was not specified how the creation of two Fidelity customer accounts had provided access to the data of thousands of other customers.

“We detected this activity on August 19 and immediately took action to terminate access,” Fidelity said in a letter sent to those affected. The company confirmed that the data breach compromised the personal information of more than 77,000 customers, but did not involve any access to their Fidelity accounts. This incident still represents only a small portion of its overall customer base of 51.5 million.

The breach occurred between August 17 and 19 when an attacker accessed customer names and other personal identifiers, including Social Security numbers and driver’s licenses. Fidelity was able to stop the unauthorized access on August 19 after detecting the breach.

A man surfs on his cell phone. (Kurt “CyberGuy” Knutsson)

MONEYGRAM HACK EXPOSES SENSITIVE CUSTOMER DATA AND PAROPTIZED SERVICES

Is Fidelity doing anything to address this violation?

“We take this incident and the security of your information very seriously. As previously mentioned, after detecting this activity, we quickly took steps to stop it and remedy the situation,” the company said in a notice sent to the customers concerned. However, it is difficult to gauge how seriously he takes this incident, especially since this is the second incident to occur in 2024 alone.

Fidelity is offering free credit monitoring and identity restoration services to those affected by this breach for 24 months. The company also encourages individuals to remain vigilant, review their financial statements regularly and report any suspicious or fraudulent activity.

CLICK HERE FOR MORE NEWS FROM US

Illustration of a hacker at work. (Kurt “CyberGuy” Knutsson)

6 ways to protect yourself from a data breach

1. Enable two-factor authentication (2FA) on all accounts: One of the most effective ways to protect your personal and financial information from hackers is to enable two-factor authentication (2FA) wherever possible. This adds an extra layer of security by requiring two forms of verification before granting access to your account, such as a password and a one-time code sent to your phone. Even if your password is stolen, 2FA can prevent hackers from accessing your accounts.

2. Monitor your financial accounts regularly: After a data breach, especially when sensitive financial information such as transaction details and bank account numbers have been compromised, it is crucial to regularly monitor your bank statements, credit card transactions and even small purchases . Look for any unauthorized activity, no matter how minor, and report it immediately to your bank or service provider.

GET FOX BUSINESS ON THE GO BY CLICKING HERE

3. Change your passwords and use strong, unique passwords: Fidelity customers who have reused their passwords across multiple accounts should immediately update their login information. A strong password combines upper and lower case letters, numbers and symbols, making it harder for hackers to guess or decipher. Consider using a password manager to securely store and generate complex passwords.

4. Sign up for identity theft protection: Because hackers stole Social Security numbers, government-issued IDs, and other sensitive information in the Fidelity breach, affected customers should consider purchasing data theft protection. ‘identify. These services notify you if someone tries to open new lines of credit or loans in your name, allowing you to take immediate action to prevent identity theft. Additionally, you can place fraud alerts or freeze your credit reports to prevent unauthorized access. Check out my tips and top picks for protecting yourself against identity theft.

5. Beware of phishing attacks and scams: After a data breach, there is often a slight increase phishing attackswhere scammers try to trick you into revealing additional personal information by pretending to be legitimate businesses. Always verify the authenticity of emails, especially those requesting sensitive information. Never click on links or download attachments from suspicious sources, and verify any requests for information by contacting the company directly.

The best way to protect yourself from malicious links that install malware and potentially access your private information is to install antivirus software on all your devices. This protection can also alert you to phishing emails and ransomware scams, protecting your personal information and digital assets. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android, and iOS devices.

6. Invest in personal data deletion services: While no service promises to remove all of your data from the Internet, having a removal service is ideal if you want to continuously monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. long. Check out my top picks for data deletion services here.

THE WORLD’S LARGEST DATABASE OF STOLEN PASSWORDS UPLOADED TO CRIMINAL FORUM

Kurt’s Key Takeaways

Fidelity manages more than $14 trillion in assets, which speaks volumes about the company’s revenue and customers’ expectations for protecting their data and assets. However, it appears that robust cybersecurity is not a top priority for Fidelity. Instead of implementing meaningful security measures, the company appears to be taking a “slap on the wrist” approach, signing people up for services that only shift responsibility to individuals to monitor for breaches. There is a lack of individual-level security measures, such as row-level security or authentication tokens that require personal approval to access records.

CLICK HERE TO GET THE FOX NEWS APP

Should Fidelity and similar companies face harsher penalties for repeated violations? Let us know by writing to us at Cyberguy.com/Contact

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report newsletter by visiting Cyberguy.com/Newsletter

Ask Kurt a question or tell us what stories you’d like us to cover.

Follow Kurt on his social networks:

Answers to the most asked CyberGuy questions:

New from Kurt:

Copyright 2024 CyberGuy.com. All rights reserved.