The notification includes customers’ personal details in Morgan Stanley’s StockPlan being impacted due to one of its third-party service providers hit by a threat group earlier this year.
Exploiting the Accellion FTP
Morgan Stanley – one of the popular American investment banking firms, has disclosed a data breach incident affecting specific customers’. As per the notice, Morgan Stanley said this incident impacted customers in its StockPlan Connect Business. And this happened because of a third-party service provider named Guidehouse. Guidehouse is an account maintenance service for Morgan Stanley’s StockPlan Connect Business, which used the Accellion FTP server that was exploited by hackers earlier this year. In January this year, the breach happened, while the Guidehouse detected it in March and realized that data of Morgan Stanley’s breached in May. So while it informed the investment banker in May, it has now started informing the affected customers. The information stolen was actually encrypted, but unfortunately, hackers have also stolen the decryptor and broke it open. Thus, the data of Morgan Stanley that was impacted is as follows;
Stock plan participants’ names Addresses (last known address) Dates of birth Social security numbers Corporate company names.
The investment banker said it’s now in “close contact with Guidehouse and is taking steps to mitigate potential risks to clients.” Also, Guidehouse assured that there was no evidence found about the stolen data being shared online anywhere. While the names of hackers weren’t revealed in the notification, it was believed either the Clop ransomware gang or FIN11 gang had stolen the data. They’ve exploited the vulnerability in legacy Accellion FTP and stolen data from various firms till now.