Security News > 2021 > July > Morgan Stanley reports data breach after vendor Accellion hack
Investment banking firm Morgan Stanley has reported a data breach after attackers stole personal information belonging to its customers by hacking into the Accellion FTA server of a third-party vendor.
Guidehouse, a third-party vendor that provides account maintenance services to Morgan Stanley's StockPlan Connect business, notified the investment banking company in May 2021 that attackers hacked its Accellion FTA server to steal information belonging to Morgan Stanley stock plan participants.
Guidehouse discovered the breach in March and the impact to Morgan Stanley customers in May, when it notified the financial services company of the incident and that no evidence was found of the stolen data being disseminated online by the threat actors.
"There was no data security breach of any Morgan Stanley applications," Morgan Stanley said in data breach notification letters sent to impacted individuals.
"The protection of client data is of the utmost importance and is something we take very seriously," a Morgan Stanley spokesperson told BleepingComputer.
While the attackers' identity was not disclosed in Morgan Stanley's data breach notification, a joint statement published by Accellion and Mandiant from February shed more light on the attacks, directly linking them to the FIN11 cybercrime group.
News URL
Related news
- CSC ServiceWorks discloses data breach after 2023 cyberattack (source)
- How to Prevent Your First AI Data Breach (source)
- Toyota confirms third-party data breach impacting customers (source)
- National Public Data Breach: Only 134 Million Unique Emails Leaked and Company Acknowledges Incident (source)
- CannonDesign confirms Avos Locker ransomware data breach (source)
- Patelco notifies 726,000 customers of ransomware data breach (source)
- Nearly 1/3 of Companies Suffered a SaaS Data Breach in Last Year (source)
- Park’N Fly notifies 1 million customers of data breach (source)
- GDPR Data Breach Notification Letter (Free Download) (source)
- Business services giant CBIZ discloses customer data breach (source)