Following the investigation, the FTC discovered that that the breach had been made possible because of a glitch in Morgan Stanleys data security controls and not a failure on Morgan Stanleys part to secure account information.
According to the source, the breach was traced back to a former broker who gained access to client data despite a number of security controls in place because certain controls were not properly configured.
Maneesha Mithal, associate director of the division of privacy and identity protection at the FTC, mentioned that Morgan Stanley managed to properly handle and fix the issue once it come it its attention. Furthermore, the company had reasonable comprehensive policies in place. Brokers, for example, were not allowed to access personal data outside the specific clients they served and the company monitored the size and frequency of data transfers by employees and prohibited employee use of USBs and other devices to remove client data.
A spokeswoman for Morgan Stanley, Christine Jockle, said in an emailed statement that there was no evidence that any fraud had occurred in the affected client accounts and reiterated that the company had acted quickly after it discovered the information had been leaked.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now