EDITOR’S NOTE: An earlier version of this article misstated the number of data breaches Fidelity suffered in the last year. Corrected that this was the only one.

Fidelity Investments is the latest American company to be hit by a massive data breach.

The company is one of the world’s largest asset managers, but is still failing to get its cybersecurity infrastructure together. Although no Fidelity accounts were compromised, personal information was exposed, including Social Security numbers and driver’s licenses.

GET SAFETY ALERTS, EXPERT TIPS – SIGN UP FOR KURT’S NEWSLETTER – THE CYBERGUY REPORT HERE

Illustration of a hacker on a laptop. (Kurt “CyberGuy” Knutsson)

What happened?

Fidelity Investments reported in a Filed with Maine Attorney General that an unnamed third party accessed information from its systems through two recently created customer accounts. It did not say how the creation of two Fidelity customer accounts allowed access to the data of thousands of other customers.

“We discovered this activity on August 19 and took immediate action to disable access,” Fidelity said in a letter to those affected. The company confirmed that the data breach affected the personal information of over 77,000 customers, but did not include access to their Fidelity accounts. This incident still represents only a small portion of the total customer base of 51.5 million.

The breach occurred between August 17 and 19 when an attacker accessed customer names and other personal identifiers, including Social Security numbers and driver’s licenses. Fidelity was able to stop the unauthorized access on August 19 after discovering the breach.

A man surfs with his cell phone. (Kurt “CyberGuy” Knutsson)

MONEYGRAM HACK EXPOSES SENSITIVE CUSTOMER DATA AND DAMAGED SERVICES

Is Fidelity doing anything about the violation?

“We take this incident and the security of your data very seriously. As previously mentioned, upon discovering this activity, we took immediate action to stop it and resolve the situation,” the company said in a notice to affected customers.

Fidelity is offering 24 months of free credit monitoring and identity restoration services to those affected by this breach. The Company also encourages individuals to remain vigilant, review their financial reports regularly, and report any suspicious or fraudulent activity.

CLICK HERE FOR MORE US NEWS

Illustration of a hacker at work. (Kurt “CyberGuy” Knutsson)

6 Ways to Protect Yourself from a Data Breach

1. Enable two-factor authentication (2FA) for all accounts: One of the most effective ways to protect your personal and financial information from hackers is activation Two-factor authentication (2FA) wherever possible. This provides an additional layer of security as two types of verification are required before granting access to your account, such as: B. a password and a one-time code sent to your phone. Even if your password is stolen, 2FA can prevent hackers from accessing your accounts.

2. Monitor your financial accounts regularly: After a data breach, especially if sensitive financial information such as transaction details and bank account numbers have been compromised, it is important to regularly monitor your bank statements, credit card transactions, and even small purchases. Look for unauthorized activity, no matter how minor it seems, and report it to your bank or service provider immediately.

GET FOX BUSINESS ON THE GO by CLICKING HERE

3. Change your passwords and use strong, unique passwords: Fidelity customers who have reused passwords across multiple accounts should update their credentials immediately. A strong password combines upper and lower case letters, numbers and symbols, making it harder for hackers to guess or crack. Consider using a Password manager to securely store and generate complex passwords.

4. Sign up for Identity Theft Protection: Given that hackers stole Social Security numbers, government-issued IDs and other sensitive information as part of the Fidelity breach, affected customers should consider signing up for identity theft protection. These services alert you when someone attempts to open new lines of credit or loans in your name, so you can take immediate action to prevent identity theft. Additionally, you can add fraud alerts or blocks to your credit reports to prevent unauthorized access. Check out my tips and best tips on how to protect yourself from identity theft.

5. Be careful of phishing attacks and scams: A spike often occurs after a data breach Phishing attackswhere scammers attempt to trick you into providing additional personal information by posing as legitimate companies. Always check the authenticity of emails, especially emails that ask for sensitive information. Never click on links or download attachments from suspicious sources and verify all requests for information by contacting the company directly.

The best way to protect yourself from malicious links that install malware and potentially access your private data is to install antivirus software on all your devices. This protection can also alert you to phishing emails and ransomware scams, protecting your personal information and digital assets. Get my pick of the best antivirus winners of 2024 for your Windows, Mac, Android and iOS devices.

6. Invest in Personal Data Removal Services: Although no service promises to remove all of your data from the Internet, a removal service is great if you want to continuously monitor and automate the process of removing your data from hundreds of websites over time. Check out my top picks for data removal services here.

The world’s largest database of stolen passwords has been uploaded to the crime forum

Kurt’s most important findings

Fidelity manages over $14 trillion in assets, which speaks volumes about the company’s revenue and customers’ expectations of the company to protect their data and assets. However, it appears that robust cybersecurity is not Fidelity’s top priority. Instead of implementing meaningful security measures, the company appears to be taking a “slap on the wrist” approach and signing people up for services that simply shift the responsibility of monitoring for breaches onto individuals. There is a lack of security measures at the individual level, such as: For example, row-level security or authentication tokens that require personal permission to access records.

CLICK HERE TO GET THE FOX NEWS APP

Should Fidelity and similar companies face harsher penalties for repeat violations? Let us know by writing to us Cyberguy.com/Contact

For more tech tips and security alerts, subscribe to my free CyberGuy Report newsletter at Cyberguy.com/Newsletter

Ask Kurt a question or tell us what stories you’d like us to cover.

Follow Kurt on his social channels:

Answers to the most frequently asked CyberGuy questions:

New from Kurt:

Copyright 2024 CyberGuy.com. All rights reserved.