This article has been indexed from E Hacking News – Latest Hacker News and IT Security News
Morgan Stanley has revealed a data breach after attackers hacked into a third-party vendor’s Accellion FTA server and stole personal information belonging to its clients. Morgan Stanley is a global financial services corporation that specializes in investment banking, securities, wealth management, and investment management. Corporations, governments, institutions, and individuals from more than 41 countries are among the company’s clients.
In May 2021, Guidehouse, a third-party vendor that offers account maintenance services to Morgan Stanley’s StockPlan Connect business, told Morgan Stanley that hackers had accessed its Accellion FTA server and stolen information from Morgan Stanley stock plan participants. In January, an Accellion FTA vulnerability was exploited on the Guidehouse server, however, the vendor patched it within five days of the fix becoming available.
The breach was detected in March, and the impact on Morgan Stanley customers was identified in May when Guidehouse notified the financial services company of the incident. No indication of the stolen data being disseminated online by the threat actors was uncovered. “There was no data security breach of any Morgan Stanley applications,” Morgan Stanley said in data breach notification letters sent to impacted individuals. “The incident involves files which were in Guidehouse’s possession, including encrypted files from Morgan Stanley.”
Despite the fact that the stolen files were encrypted and stored on the compromised Guidehouse Accellion FTA server, the threat actors gained the decryption key as part of the attack. The files stolen from Guidehouse’s FTA server did not cont
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: Morgan Stanley Faces Data Breach