NOTICE: If you had a wealth management or other financial account with Morgan Stanley and received a NOTICE OF DATA BREACH, contact the Arnold Law Firm at (916) 777-7777.
On July 10, 2020, one of the world’s foremost financial institutions Morgan Stanley notified affected current and former clients of two separate data security incidents involving confidential personal information left on decommissioned computer equipment.
In 2016, Morgan Stanley closed two data centers and decommissioned computer equipment that processed client information in both locations. Some servers and other hardware were sold to recyclers, however, these devices were not sufficiently scrubbed of information and contained unencrypted client data.
In 2019, in a separate event, Morgan Stanley replaced computer servers (WAAS devices) that contained personal information in local branch offices. During a recent inventory, some of the decommissioned equipment was missing. A known software flaw is thought to have resulted in data remaining on the missing disks in unencrypted form.
Compromised sensitive information that may have remained on the involved devices includes:
Morgan Stanley has offered two years of identity protection services for affected parties and is encouraging individuals to monitor fraudulent activity and review credit reports closely.
Founded in 1935, Morgan Stanley employs 60,000 people in 500 offices in 41 countries. The global financial leader is headquartered in New York City and reported $4 billion in 2020 first-quarter revenues. The company advises 3.5 million people around the globe and manages $2 trillion in assets.