Another breach at a large financial institution exposed the personal information of thousands of customers to the public. TechCrunch reported that unidentified hackers obtained the personal data of 77,009 customers from asset management company Fidelity Investments.
A Maine Attorney General’s filing posted yesterday reveals that an unidentified third party used two fake customer accounts to obtain the information in mid-August. It is not yet known how these accounts were used to access customer data. Fidelity said in a letter to customers that it discovered the breach on August 19. The letter also said that while the unidentified person did not access customers’ Fidelity accounts, Fidelity confirmed after completing its investigation that customers’ personal data had been compromised.
The New Hampshire Attorney General’s Office yesterday filed a second data breach notification disclosing a new “data security incident” involving customer data at Fidelity Investments. According to the notice, an unauthorized third party also submitted a fake access request on August 19 to gain access to “an internal database containing images of documents related to Fidelity customers.” The second data breach did not provide unwanted access to customers’ accounts or funds, and the information leaked was only “related to a small portion of Fidelity’s customers.”
If you believe your data has been obtained by an unwanted party or is part of a data breach, the Federal Trade Commission will place a freeze and fraud alert on your credit report and your personal bank or credit card accounts. We recommend that you set this. You can also report identity theft incidents at IdentityTheft.gov or by calling 1-877-438-4338.
