Editor’s note: A previous version of this article incorrectly stated the number of data breaches Fidelity experienced last year. Fixed this to be the only one.
Fidelity Investments is the latest American company to fall victim to a major data breach.
Although the company is one of the world’s largest asset management companies, it still lacks a cybersecurity infrastructure in place. No Fidelity accounts were compromised, but personal information was compromised, including social security numbers and driver’s licenses.
Get Security Alerts, Tips from the Experts — Subscribe to Cart Newsletter — Click Here for Cyber ​​Guy Reports
Illustration of a hacker on a laptop. (Kurt “Cyber ​​Guy” Knutson)
what happened?
Fidelity Investments reported in a filing with the Maine Attorney General that an anonymous third party accessed information in its systems using two recently established customer accounts. There is no mention of how the creation of two Fidelity customer accounts allowed access to the data of thousands of other customers.
“We detected this activity on August 19th and took immediate steps to terminate access,” Fidelity said in a letter to those affected. The company confirmed that the data breach compromised the personal information of more than 77,000 customers, but did not include access to any Fidelity accounts. This incident represents only a small portion of its overall customer base of 51.5 million people.
The breach occurred between August 17th and 19th, and the attackers gained access to customer names and other personally identifying information, such as Social Security numbers and driver’s licenses. After detecting the breach, Fidelity was able to stop the unauthorized access on August 19th.


A man surfing on his mobile phone. (Kurt “Cyber ​​Guy” Knutson)
MoneyGram hack exposes sensitive customer data and crippled services
Is Fidelity doing anything about this breach?
“We take this incident and the security of your information very seriously,” the company said in a notice sent to affected customers. “As mentioned above, after detecting this activity, we We immediately put a stop to it and took steps to address the situation.”
Fidelity will provide 24 months of free credit monitoring and identity restoration services to users affected by this breach. The company also encourages individuals to remain vigilant, regularly review their financial statements, and report any suspicious or fraudulent activity.
Click here for more US news


Illustration of a hacker at work. (Kurt “Cyber ​​Guy” Knutson)
6 ways to protect yourself from data breaches
1. Enable Two-Factor Authentication (2FA) on all your accounts: One of the most effective ways to protect your personal and financial information from hackers is to enable Two-Factor Authentication (2FA) whenever possible. That’s it. This provides an extra layer of security by requiring two forms of authentication, such as a password and a one-time code sent to your mobile phone, before granting you access to your account. Even if your password is stolen, 2FA can prevent hackers from gaining access to your account.
2. Monitor your financial accounts regularly: After a data breach, especially if sensitive financial information such as transaction details or bank account numbers were compromised, bank statements, credit card transactions, and even small purchases Even so, it is important to monitor it regularly. Look for any fraudulent activity, no matter how minor, and report it to your bank or service provider immediately.
CLICK HERE TO GET FOX BUSINESS ON THE GO
3. Change your password and use a strong, unique password. Fidelity customers who reuse passwords across multiple accounts should update their login information immediately. A strong password is a combination of uppercase and lowercase letters, numbers, and symbols that make it difficult for hackers to guess or crack. To securely store and generate complex passwords, consider using a password manager.
4. Sign up for Identity Theft Protection: Given that hackers stole Social Security numbers, government-issued IDs, and other sensitive information in the Fidelity breach, affected customers should sign up for Identity Theft Protection. should be considered. These services notify you when someone tries to open a new line of credit or loan in your name, so you can take immediate action to prevent identity theft. You can also place fraud alerts or freezes on your credit report to prevent unauthorized access. Check out our tips and recommendations on how to protect yourself from identity theft.
5. Be aware of phishing attacks and scams: After a data breach, there is often an increase in phishing attacks where scammers pose as legitimate companies and try to trick you into revealing additional personal information. Always double-check the authenticity of emails, especially those that request sensitive information. Don’t click on links or download attachments from suspicious sources. If you have a request for information, please contact the company directly for confirmation.
The best way to protect yourself from malicious links that can install malware and access your personal information is to install antivirus software on all your devices. This protection also warns you about phishing emails and ransomware scams, keeping your personal information and digital assets safe. Check out my picks for the best antivirus protection products of 2024 for your Windows, Mac, Android, and iOS devices.
6. Invest in a personal data removal service: No service promises to remove all your data from the internet, but if you want to constantly monitor and automate the process of continuously removing information from hundreds of sites over time. It is best to use a removal service. period. Check out the data deletion services I recommend here.
World’s largest stolen password database uploaded to criminal forum
Cart important points
Fidelity manages more than $14 trillion in assets, which speaks volumes about the company’s revenue and its customers’ expectations for the protection of their data and assets. However, robust cybersecurity doesn’t seem to be a top priority for Fidelity. Instead of implementing meaningful security measures, the company appears to be taking a “slap on the wrist” approach by getting people to sign up for a service that simply shifts the responsibility of monitoring for violations onto individuals. It lacks individual-level security measures, such as row-level security and authentication tokens that require individual approval to access records.
CLICK HERE TO GET THE FOX NEWS APP
Should companies like Fidelity face stiffer penalties for repeated violations? Email us at Cyberguy.com/Contact.
For more of my tech tips and security alerts, visit Cyberguy.com/Newsletter and subscribe to my free CyberGuy Report newsletter.
Ask Kurt a question or let us know your story you’d like us to cover.
Follow Kurt on his social channels.
Answers to CyberGuy frequently asked questions:
New from cart:
Copyright 2024 CyberGuy.com. Unauthorized reproduction is prohibited.