Morgan Stanley will pay $35 million to settle US Securities and Exchange Commission allegations that one of its units failed to secure the personal data of millions of customers when replacing company hard drives and servers.
The firm’s Morgan Stanley Smith Barney arm disposed of thousands of devices without ensuring they had been properly wiped of personal information, according to the SEC. The electronics contained identifying information of about 15 million customers and many of the devices were resold on an internet auction site, the agency said in a statement, alleging that the lapses occurred for five years starting in 2015.
Source: Morgan Stanley Pays $35 Million SEC Fine Over Data-Security – Bloomberg