dashboard



'Astonishing.' Morgan Stanley hard drives holding sensitive client data got auctioned off online

'Astonishing.' Morgan Stanley hard drives holding sensitive client data got auctioned off online



FULL SHOW 09/14/2022: Stubbornly high inflation rocks Wall StreetReplayMore Videos ... (16 Videos)FULL SHOW 09/14/2022: Stubbornly high inflation rocks Wall StreetYou can now edit and unsend iMessages. Here's how it worksTearful testimony in latest Alex Jones trial: "It makes me angry because I'm not a liar"Romans: There is a move afoot here for better quality of livingPatagonia founder says 'Earth is now our only shareholder'20 hours of negotiations end with tentative deal to avoid rail strike4 ways Twitter and Musk court battle could end, explainedSenator asks Twitter whistleblower about alleged Chinese spying. See his responseHere's how Elon Musk calculated the number of bots on TwitterThis is what Chevron's CEO thinks about climate change Hear why 15,000 nurses decided to walk off the jobSee moment Blue Origin rocket catches fire during launchBob Iger: Disney buying Twitter 'would've been irresponsible'CEO calls out misleading studies on efficacy of working from homeSee Apple's new iPhone 14Companies want workers back in office. Workers aren't so sureNew York (CNN Business)Federal regulators accused Morgan Stanley on Tuesday of "astonishing" failures that led to the mishandling of sensitive data on some 15 million customers.

Morgan Stanley was slapped with a $35 million fine from the Securities and Exchange Commission for extensive failures to safeguard personal identifying information on its clients.Since at least 2015 Morgan Stanley did not properly get rid of devices holding sensitive customer data, according to the settlement.In one episode described by the SEC, Morgan Stanley hired a moving company -- one that had "no experience or expertise" in data destruction -- to decommission thousands of hard drives and servers holding customer data.Stocks sink as investors wait for the Fed's rate hikeThat moving company later sold thousands of Morgan Stanley devices, some of which contained personal identifying information, to a third party, the SEC said. Read MoreThose devices were eventually resold on an internet auction site -- without the removal of the sensitive data, according to the settlement.Morgan Stanley was able to recover some of those devices, which contained "thousands of pieces of unencrypted customer data," the SEC said. "The firm has not recovered the vast majority of the devices," according to the settlement.Morgan Stanley's "failures in this case are astonishing," Gurbir Grewal, director of the SEC's enforcement division, said in a statement. "If not properly safeguarded, this sensitive information can end up in the wrong hands and have disastrous consequences for investors."Beyond the servers and hard drivers, the SEC found that Morgan Stanley failed to safeguard customer data and properly dispose of consumer report information in other ways, including when the firm shut down local office and branch servers. The settlement said that a Morgan Stanley review found that 42 servers, all potentially containing unencrypted data and consumer report information, were "missing." Morgan Stanley agreed to pay the fine without admitting or denying the findings in the settlement. In a statement, Morgan Stanley said it is pleased to have resolved this issue and expressed confidence that no sensitive data was exploited. "We have previously notified applicable clients regarding these matters, which occurred several years ago, and have not detected any unauthorized access to, or misuse of, personal client information," Morgan Stanley said in the statement.


Click Here To Get Funded!