SHARE
Morgan Stanley has disclosed that some of its corporate customers had their data stolen following a data breach at a third-party vendor.
The data breach involved Guidehouse Inc., a company that provides account maintenance services to Morgan Stanley’s StockPlan Connect Business. The data breach took place in January and was initially discovered by Guidehouse in March, with the link to Morgan Stanley later found in May. Morgan Stanley informed those affected in a letter dated July 2, according to Reuters.
The data stolen included client names, addresses, date of birth and corporate company names.
The attack vector involved hackers exploiting a vulnerability in software from Accellion Inc. used by Guidehouse. The form of attack was not disclosed, previous Accellion FTA-related attacks have involved the Clop ransomware gang.
The Accellion data breach continues to get messier – TechCrunch techcrunch.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from techcrunch.com Daily Mail and Mail on Sunday newspapers.
Ukraine Arrests 6 Clop Ransomware Operation Suspects govinfosecurity.com - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from govinfosecurity.com Daily Mail and Mail on Sunday newspapers.
A KPMG report finds that the email system used by Accellion never sent the email notifications to FTA customers and the company never informed them of the flaw being actively exploited.