PYMNTS-MonitorEdge-May-2024

Fidelity Investments Discloses Data Breach Affecting 77,099 Customers

Fidelity

Fidelity Investments has disclosed a data breach that affected 77,099 customers.

The breach occurred Aug. 17 and was discovered Aug. 19, the financial services company said in data breach notifications filed Wednesday (Oct. 9) with the Office of the Maine Attorney General.

“Between August 17 and August 19, a third party accessed and obtained certain information without authorization using two customer accounts that they had recently established,” Fidelity Investments said in a notice of data breach letter sent to consumers Wednesday and posted along with the data breach notifications. “We detected this activity on August 19 and immediately took steps to terminate the access. An investigation was promptly launched with assistance from external security experts.”

The breach affected “a small subset” of the company’s customers, according to the letter.

The letter added that customers’ Fidelity accounts were not accessed in the incident. The sample letter posted by the Office of the Maine Attorney General said that the information obtained by the third party included customers’ personal information but did not specify what was taken in the breach.

Fidelity Investments is not aware of any misuse of the personal information that was obtained in the incidents, per the letter.

This is the fourth breach notification filed by Fidelity Investments in the past 12 months, following previous ones filed July 19, March 18 and March 4, according to the Wednesday data breach notifications.

On Sept. 13, Fidelity said in a press release that it was beginning to take steps to prevent third-party platforms reliant on credential sharing from accessing and taking action in customer accounts held at Fidelity.

The company said in the release that it was making this change to enhance security and reduce customer data exposure, as credential sharing presents security risks to its customers.

Banks and financial institutions are facing increasingly sophisticated fraud tactics, according to the PYMNTS Intelligence and NCR Voyix collaboration, “Progress and Protection: Balancing Convenience and Security in Digital Banking.”

The average fraud-related costs for financial institutions with assets exceeding $5 billion leapt 65% in 2023 compared to the previous year, reaching $3.8 million, according to the report.

PYMNTS-MonitorEdge-May-2024