www.theregister.com Open in urlscan Pro
104.18.5.22  Public Scan

Form analysis
0 forms found in the DOM

Text Content

Sign in / up




TOPICS

Security


SECURITY

All SecurityCyber-crimePatchesResearchCSO (X)
Off-Prem


OFF-PREM

All Off-PremEdge + IoTChannelPaaS + IaaSSaaS (X)
On-Prem


ON-PREM

All On-PremSystemsStorageNetworksHPCPersonal TechCxOPublic Sector (X)
Software


SOFTWARE

All SoftwareAI + MLApplicationsDatabasesDevOpsOSesVirtualization (X)
Offbeat


OFFBEAT

All OffbeatDebatesColumnistsScienceGeek's GuideBOFHLegalBootnotesSite NewsAbout
Us (X)
Special Features


SPECIAL FEATURES

All Special Features Cybersecurity Month VMware Explore Blackhat and DEF CON
Cloud Infrastructure Month Malware Month The Reg in Space Spotlight on RSA


VENDOR VOICE

Vendor Voice


VENDOR VOICE

All Vendor Voice Siemens and AWS Gen AI Amazon Web Services (AWS) New Horizon in
Cloud Computing DDN Google Cloud Data Transformation Google Gemini Hewlett
Packard Enterprise: Edge-to-Cloud Platform Intel vPro VMware (X)
Resources


RESOURCES

Whitepapers Webinars & Events Newsletters


CYBER-CRIME

1


CROOKS STOLE PERSONAL INFO OF 77K FIDELITY INVESTMENTS CUSTOMERS

1


BUT HEY, NO WORRIES, THE FIRM CLAIMS NO EVIDENCE OF DATA MISUSE

Jessica Lyons
Thu 10 Oct 2024 // 21:30 UTC




Fidelity Investments has notified 77,099 people that their personal information
was stolen in an August data breach. 

The mega asset manager has not disclosed what data the digital crooks nabbed,
but assured customers that the security snafu "did not involve any access to
your Fidelity account(s)."

In a letter sent to affected individuals, Fidelity said the break-in happened
between August 17 and August 19 when "a third party accessed and obtained
certain information without authorization using two customer accounts that they
had recently established." [PDF]



The financial firm did not answer The Register's specific questions, including
how the attack happened and what personal details were stolen.




In a statement emailed to The Register, a Fidelity spokesperson repeated the
breach disclosure statement, and told us: "We are notifying individuals as
appropriate and providing them credit monitoring resources. We recognize our
customers may have questions about this event and we have resources in place to
assist them. Fidelity takes its responsibility to serve customers and safeguard
information seriously."

Fidelity noted that it spotted the intruders on August 19, and took "immediate"
actions to kick them out of its IT systems. It also hired an external security
firm to investigate the breach. Fidelity claims the information obtained by the
data thieves only "related to a small subset of our customers."



For context: the asset manager says it has more than 51.5 million individuals as
customers, and manages employee benefit programs for about 28,000 businesses
across 11 countries. As of June, Fidelity had about $5.5 trillion in customer
assets under management, and around $14.1 trillion in assets under
administration.

 * Fidelity customers' financial info feared stolen in suspected ransomware
   attack
 * Marriott settles for a piddly $52M after series of breaches affecting
   millions
 * Fore-get about privacy, golf tech biz leaves 32M data records on the fairway
 * Dutch cops reveal takedown of 'world's largest dark web market'

The brokerage says it is "not aware of any misuse" of customers' personal
information because of the security breach. However, it has offered anyone
affected two years of free credit monitoring.

In March, Fidelity Investments Life Insurance notified nearly 30,000 customers
that criminals accessed their personal and financial information after breaking
into Infosys' IT systems in the fall. During that third-party breach, the crooks
made off with Fidelity customers' bank account and routing numbers, credit card
numbers and security or access codes. ®

Sponsored: Building the data economy with AI
Share



MORE ABOUT

 * Cybercrime
 * Security

More like these
×


MORE ABOUT

 * Cybercrime
 * Security


NARROWER TOPICS

 * 2FA
 * Advanced persistent threat
 * Application Delivery Controller
 * Authentication
 * BEC
 * Black Hat
 * BSides
 * Bug Bounty
 * CHERI
 * CISO
 * Common Vulnerability Scoring System
 * Cybersecurity
 * Cybersecurity and Infrastructure Security Agency
 * Cybersecurity Information Sharing Act
 * Data Breach
 * Data Protection
 * Data Theft
 * DDoS
 * DEF CON
 * Digital certificate
 * Encryption
 * Exploit
 * Firewall
 * Hacker
 * Hacking
 * Hacktivism
 * Identity Theft
 * Incident response
 * Infosec
 * Infrastructure Security
 * Kenna Security
 * NCSAM
 * NCSC
 * Palo Alto Networks
 * Password
 * Phishing
 * Quantum key distribution
 * Ransomware
 * Remote Access Trojan
 * REvil
 * RSA Conference
 * Spamming
 * Spyware
 * Surveillance
 * TLS
 * Trojan
 * Trusted Platform Module
 * Vulnerability
 * Wannacry
 * Zero trust

MORE ABOUT

Share


1 COMMENTS

MORE ABOUT

 * Cybercrime
 * Security

More like these
×


MORE ABOUT

 * Cybercrime
 * Security


NARROWER TOPICS

 * 2FA
 * Advanced persistent threat
 * Application Delivery Controller
 * Authentication
 * BEC
 * Black Hat
 * BSides
 * Bug Bounty
 * CHERI
 * CISO
 * Common Vulnerability Scoring System
 * Cybersecurity
 * Cybersecurity and Infrastructure Security Agency
 * Cybersecurity Information Sharing Act
 * Data Breach
 * Data Protection
 * Data Theft
 * DDoS
 * DEF CON
 * Digital certificate
 * Encryption
 * Exploit
 * Firewall
 * Hacker
 * Hacking
 * Hacktivism
 * Identity Theft
 * Incident response
 * Infosec
 * Infrastructure Security
 * Kenna Security
 * NCSAM
 * NCSC
 * Palo Alto Networks
 * Password
 * Phishing
 * Quantum key distribution
 * Ransomware
 * Remote Access Trojan
 * REvil
 * RSA Conference
 * Spamming
 * Spyware
 * Surveillance
 * TLS
 * Trojan
 * Trusted Platform Module
 * Vulnerability
 * Wannacry
 * Zero trust

TIP US OFF

Send us news

--------------------------------------------------------------------------------


OTHER STORIES YOU MIGHT LIKE

BIG BRANDS AMONG THOUSANDS INFECTED BY PAYMENT-CARD-STEALING COSMICSTING CROOKS

Updated Gangs hit 5% of all Adobe Commerce, Magento-powered stores, Sansec says
Cybersecurity Month7 days | 6

MOSCOW-ADJACENT GOLDENJACKAL GANG STRIKES AIR-GAPPED SYSTEMS WITH CUSTOM MALWARE

USB sticks help, but it's unclear how tools that suck malware from them are
delivered
Cybersecurity Month1 day | 19

RANSOMWARE GANG TRINITY JOINS PILE OF SCUMBAGS TARGETING HEALTHCARE

As if hospitals and clinics didn't have enough to worry about
Cybersecurity Month2 days | 6

AN EASY ROUTE TO AI-ENHANCED PRODUCTIVITY

How the integration of Google Gemini across Google Workspace turbo charges
existing apps with AI power
Sponsored Feature


FEDS REACH FOR SLIVER OF CRYPTO-CASH NICKED BY NORTH KOREA'S NOTORIOUS LAZARUS
GROUP

A couple million will do for a start … but Kim's crews are suspected of stealing
much more
Cybersecurity Month3 days | 2

CHINA'S SALT TYPHOON CYBER SPIES ARE DEEP INSIDE US ISPS

Updated Expecting a longer storm season this year?
Networks15 days | 4

HAPPY BIRTHDAY, PUTIN – YOU'VE BEEN PWNED

Pro-Ukraine hackers claim credit for Russian state broadcasting shutdown
Security3 days | 72

SCAMMERS IN THE SLAMMER FOR YEARS AFTER RIPPING OFF APPLE WITH FAKE IPHONE
RETURNS

Duo must also cough up $1.5M for pulling off multi-million-dollar exchange
swindle
Bootnotes7 days | 13

DOJ, MICROSOFT SEIZE 107 DOMAINS USED IN RUSSIA'S STAR BLIZZARD PHISHING ATTACKS

Winter is coming
Cybersecurity Month7 days | 7

RANSOMWARE CREW INFECTS 100+ ORGS MONTHLY WITH NEW MEDUSALOCKER VARIANT

Exclusive Crooks 'like a sysadmin, with a malicious slant'
Cybersecurity Month8 days | 3

AUSTRALIAN E-TAILER DIGIDIRECT CUSTOMERS' INFO ALLEGEDLY STOLEN AND DUMPED
ONLINE

Full names, contact details, and company info – all the fixings for a phishing
holiday
Cybersecurity Month10 days |

RACKSPACE INTERNAL MONITORING WEB SERVERS HIT BY ZERO-DAY

Exclusive Intruders accessed machines via tool bundled with ScienceLogic,
'limited' info taken, customers told not to worry
Cybersecurity Month10 days | 10


The Register Biting the hand that feeds IT

ABOUT US

 * Contact us
 * Advertise with us
 * Who we are

OUR WEBSITES

 * The Next Platform
 * DevClass
 * Blocks and Files

YOUR PRIVACY

 * Cookies Policy
 * Privacy Policy
 * Ts & Cs
 * Do not sell my personal information

Copyright. All rights reserved © 1998–2024