Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home News

Morgan Stanley Settles Data Security

November 22, 2023
Reading Time: 6 mins read
in News
Morgan Stanley Settles Data Security

Morgan Stanley has agreed to a $6.5 million settlement following accusations of insecurely disposing of hardware containing unencrypted personal information, potentially exposing millions of customers. The Florida Attorney General’s Office revealed that the multinational investment bank neglected internal data security practices, hiring an inexperienced moving company for decommissioning.

This led to the sale of equipment at internet auctions without proper monitoring, exposing sensitive data. The investigation uncovered flaws in encryption software, missing servers, and inadequate vendor controls, prompting the settlement, which includes mandated security improvements, data encryption, and comprehensive information security measures.

The investigation disclosed that during the decommissioning process, Morgan Stanley failed to properly erase unencrypted personal information stored on devices, allowing the moving company to sell the computer equipment without the bank’s knowledge. Furthermore, a manufacturer flaw in encryption software led to the discovery of 42 missing servers potentially containing unencrypted customer information.

The settlement, which addresses security lapses, requires Morgan Stanley to pay $6.5 million to the states of Florida, Connecticut, Indiana, New Jersey, New York, and Vermont. Additionally, the bank is obligated to implement encryption for data at rest and in transit, establish a comprehensive data collection, use, retention, and disposal policy, and maintain an information security program, incident response plan, and vendor risk assessment team.

The agreement underscores the importance of proper data security practices, emphasizing the need for financial institutions to take measures to protect customer information during decommissioning processes.

The settlement not only addresses the financial aspect but also mandates substantial improvements in Morgan Stanley’s approach to data security, aiming to prevent future exposure of sensitive customer information through enhanced encryption and comprehensive security measures.

Reference:
  • ASSURANCE OF VOLUNTARY COMPLIANCE
Tags: Cyber AttacksCyber NewsCyber News 2023CybersecurityMorgan StanleyNovember 2023Personal InformationPrivacy
ADVERTISEMENT

Related Posts

Microsoft Halts Services to Israeli Defense

Microsoft Halts Services to Israeli Defense

September 26, 2025
Microsoft Halts Services to Israeli Defense

Kali Linux 2025.3 Released With 10 Tools

September 26, 2025
Microsoft Halts Services to Israeli Defense

Google Flo Health Flurry Pay 59.5M

September 26, 2025
Cloudflare Mitigates 22Tbps DDoS Attack

Secret Service Dismantles UN Telecom Threat

September 24, 2025
Cloudflare Mitigates 22Tbps DDoS Attack

Firefox Lets Devs Roll Back Bad Updates

September 24, 2025
Cloudflare Mitigates 22Tbps DDoS Attack

Cloudflare Mitigates 22Tbps DDoS Attack

September 24, 2025

Latest Alerts

Fake PyPI Login Site Steals Credentials

Google Warns of BRICKSTORM Malware

Hidden WordPress Backdoors Create Admins

Hackers Target AWS and Steal Credentials

SonicWall SMA100 Update Removes Rootkit

BadIIS Malware Spreads Via SEO Poisoning

Subscribe to our newsletter

    Latest Incidents

    Indian Bank Transfer Records Exposed

    Chinese Cyberspies Hit US Defense Firms

    Neon App Shuts Down After Data Leak

    Boyd Gaming Reports Data Breach After Attack

    Morrisroe UK Company Hit By Cyber Attack

    GeoServer Flaw Breaches US Agency Network

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial