Morgan Stanley Discloses Data Breach

  /     /     /  
Publicated : 23/11/2024   Category : security


Morgan Stanley Discloses Data Breach


Attackers were able to compromise customers personal data by targeting the Accellion FTA server of a third-party vendor.



Morgan Stanley has confirmed a data breach in which attackers were able to access personal information belonging to customers by targeting a vulnerability in the Accellion FTA server.
The server belonged to Guidehouse, a vendor that provides account maintenance services to Morgan Stanleys StockPlan Connect business, the bank said in a 
letter
 disclosing the incident. Attackers were able to access participant data, including name, last known address, birth date, Social Security number, and corporate company name. The data compromised did not include passwords that could be used to access financial accounts.
Morgan Stanley said the compromised files were encrypted; however, attackers were able to obtain the decryption key during the breach.
This makes the bank one of many organizations affected by the vulnerability in the Accellion FTA server, an issue 
disclosed
 earlier this year. Following Accellions January announcement, several businesses 
experienced
 data theft and subsequent extortion attempts.
While Guidehouse patched the vulnerability within five days of its availability, the attacker was able to access the data around that time, officials said. The vendor discovered the attack in March 2021 and learned it affected Morgan Stanley in May. It says the delay was due to the trouble in determining which files were stored in the Accellion FTA server when it was exposed.
Read more details 
here
.

Last News

▸ Debunking Machine Learning in Security. ◂
Discovered: 23/12/2024
Category: security

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Morgan Stanley Discloses Data Breach