Morgan Stanley will pay a fine of $1 million to the Securities and Exchange Commission (SEC) for failing to protect customer data, reports Security Week.
The banking giant reportedly violated the Safeguards Rule, which allowed then employee Galen J. Marsh to transfer client details to his home computer, which was later hacked by a third party.
In January 2015, confidential details of around 900 of Morgan Stanley’s 730,000 clients were released online by the hackers briefly with an offer to sell more, says Security Week, quoting the federal agency. Marsh was soon criminally charged and ordered to pay $600,000 in restitution and sentenced to 36 months of probation.
“We expect SEC registrants of all sizes to have policies and procedures that are reasonably designed to protect customer information,” said Andrew Ceresney of SEC.
Morgan Stanley has agreed to pay the fine.
For details on the story, click here.
- Cyber Security A Major Risk To US Financial System: SEC Chief
- G7 Global Finance Leaders Push Cybersecurity Framework
- From Securities To Security: Why The SEC Is Bringing Cyber To The Boardroom