Fidelity Investments, one of the crypto exchange-traded fund (ETF) issuers, has reported a data breach incident that affected the personal information of some of its customers.
According to the report, an unnamed third-party agent used two customer accounts without authorization to access and obtain certain information belonging to 77,000 customers between August 17 and August 19.
Fidelity Investments Suffered Data Breach That Exposed Personal Data Of 77,000 Customers
One of the largest asset managers in the world, Fidelity Investments, has confirmed that the personal information, including Social Security Numbers (SSN) and driver’s licenses, of 77,000 of its customers was compromised during an August data breach.
Fidelity Investments reported that the data breach took place between August 17 and August 19 when an unnamed third-party agent accessed customers’ information on its systems “using two customer accounts that they had recently established.”
Soon after, Fidelity sent a letter to the affected customers, saying,
“We detected this activity on August 19 and immediately took steps to terminate the access.” The finance company added that the incident did not involve any access to customers’ funds.
Fidelity Investment Reported The Data Breach To Maine Attorney General
On Wednesday, October 9, the American financial services firm filed a data breach report to the Maine Attorney General’s office almost two months after the incident.
In the report, Fidelity stated that 77,099 out of its total 51.5M+ customers were affected by the data breach. Fidelity revealed that it is currently working together with “external security experts” to resolve the matter.
Fidelity Investment Reported The Data Breach To New Hampshire’s Attorney General
Fidelity reported the data breach in another filing to New Hampshire’s attorney general. In the notice, Fidelity mentioned that the third-party agent,
Accessed and stole certain personal data of Fidelity customers and other individuals by submitting fraudulent requests to an internal database that contains images of documents belonging to Fidelity customers.
In another separate filing with the Massachusetts attorney general, Fidelity Investments mentioned that the breached data included customers’ Social Security numbers (SSNs) and driver’s licenses.
However, in all the filings, the asset manager did not explain how the two customer accounts were created or compromised to allow access to the personal data of the other affected customers. Also, at the time of writing this post, there is no information about the data breach on Fidelity’s website.
Fidelity Investment Offers Affected Customers A Free 24-month Credit Monitoring And Identity Restoration Service
According to the report, Fidelity Investment is offering its affected customers a free 24-month credit monitoring and identity restoration service.
The firm stated that this service will better equip the affected customers to help the firm detect,
Any unusual activity that may affect [their] personal financial situation.
According to the report, this is the fourth time Fidelity has experienced a data breach this year. The first data breach took place on March 4, the second on March 18, and the third on July 19.
On March 27, Fidelity Investments filed an S-1 form for a spot Ethereum exchange-traded fund (ETF), with the inclusion of staking.
Last month, Indodax, a popular Indonesian crypto platform, suffered a data breach, losing about $22M in assets across multiple networks.
