On May 17, 2024, UBS Financial Services Inc. (UBS FSI), a subsidiary of UBS Americas Inc., experienced a security breach involving the inadvertent disclosure of personal data. The breach was caused by a human error, which led to an internal communication being mistakenly sent to an external recipient. The exposed information included individuals’ names and UBS FSI account numbers.
Upon discovering the breach, UBS took immediate action to address the situation. The company requested the external recipient to delete the email containing the sensitive data, and this request was confirmed as fulfilled. Additionally, UBS has revised its internal processes to minimize the risk of similar incidents in the future.
Under Massachusetts law, affected individuals have the right to obtain a police report related to the incident and to file a police report if they become victims of identity theft. Individuals are also entitled to place a free security freeze on their credit reports to prevent unauthorized access.
UBS assured that the incident was thoroughly investigated and contained, and it emphasized that the breach has been fully addressed. The company has implemented additional measures to prevent such errors from occurring again and continues to provide guidance on protecting personal information.