Reuters, July 8 – Morgan Stanley (MS.N) has said that a data breach involving a third-party vendor in January resulted in the theft of personal data from some of its corporate clients. Hackers gained access to information, including social security numbers, of some clients. Guidehouse, a vendor that offers account maintenance services to Morgan Stanley’s StockPlan Connect business, warned the bank of the breach in May, according to a letter dated July 2. Client names, residences, dates of birth, social security numbers, and corporate business names were among the information stolen, according to the bank. The information was obtained by exploiting a vulnerability in Guidehouse’s Accellion FTA server. Within five days, the vulnerability was patched. Despite the fact that the files were encrypted, the bank claims that the attackers were able to gain the decryption key during the hack. A bank representative stated, “We are in close contact with Guidehouse and are taking steps to limit potential risks to clients.” The intrusion, which was first revealed by technology news site Bleeping Computer, was identified by Guidehouse in March, and its impact on Morgan Stanley was discovered in May, according to the letter. Niket Nishant contributed reporting from Bengaluru, and Arun Koyyur edited the piece. The Thomson Reuters Trust Principles are our standards./n
Read More/cloudfront-us-east-2.images.arcpublishing.com/reuters/MB5LSD4NBBMW3NYYJEKO4S5OCY.jpg)
