In a breach warning email to thousands of customers sent on October 9, the financial institution disclosed that a threat actor in Maine had hacked the information of 77,099 Fidelity Investments customers.

The attacker did n’t access funds in Fidelity investment accounts. However, the thief created two new user accounts and obtained personal information, including Social Security numbers and drivers ‘ licenses. Fidelity offered affected customers credit monitoring and identity recovery services in response and blocked the assailant’s access.

In a test see created for Maine citizens, the Fidelity Investments Private Office stated,” We take this event and the safety of your data very seriously.” ” As noted above, upon detecting this exercise, we immediately took steps to cancel the action and solve this event”.

Elements of attack remain unfamiliar

According to Fidelity’s data breach warning in the state of Maine, the assault occurred between Aug. 17 and 19. Fidelity has never made any disclosures as of this writing about how the attacker gained access to the system or how certain features of the new addresses made it possible for them to use the program.

According to Fidelity,” a smaller subset of our clients” were the subjects of the information the next party obtained.

Notice: It’s that time afterwards: Microsoft and Apple both have significant improvements around Patch Tuesday.

Along with shutting the suspect’s entry into the program, Fidelity brought in physical security experts to help with the research. The answer was quick, Fidelity said. The business provided identity repair and credit monitoring services that do look for any unusual activity in the investment accounts of the customers who were impacted.

This is n’t Fidelity’s first brush with cyberattackers. According to a publication made in March, Fidelity claimed that a ransomware attack had exposed users ‘ personal information. In that case, thieves breached Infosys McCamish Systems ‘ IT networks in November 2023. The publication from October seems to be related to that assault.

Taking precautions when using records that contain sensitive details

Customers were instructed by Fidelity to watch their own accounts for possible fraud and other shady behavior. Additionally, they direct users to instructions for creating a credit record or fraud alert. Their tips include:

  • Examine your financial and other records ‘ statements frequently.
  • Monitor your payment information.
  • Immediately report any suspicious exercise to your financial institution, local law enforcement, or your ideal position power.

When reached for comment, Fidelity confirmed the data presented in the draft violation warning.

In a statement released by Corporate External Communications Head Michael Aalto, Fidelity said,” We recognize our customers may have concerns about this event and we have tools in place to help them.” ” Fidelity takes its responsibility to protect data and serve its customers significantly.”