Morgan Stanley data breach settlement overview:
- Who: Morgan Stanley has agreed to pay $6.5 million to end data breach investigations being conducted by the attorneys general from New York, Florida, Indiana, New Jersey, Connecticut and Vermont.
- Why: The data breach investigations were looking into a pair of data security incidents that were announced by Morgan Stanley in 2020.
- Where: Morgan Stanley is used by consumers nationwide.
Morgan Stanley has agreed to pay $6.5 million in settlements to put an end to investigations being conducted by six attorneys general who were looking into two data breach incidents announced by the global financial services company in 2020.
In addition to the monetary payment, the investment bank has agreed to incorporate multiple steps going forward that will allow it to better protect personal data it collects from consumers during the course of its business.
As one example, Morgan Stanley has committed to establish an “information security program” that will include a variety of different safeguards that the company pledged will be evaluated for their effectiveness at least once per year.
Also as part of the settlements, Morgan Stanley has agreed to create a “vendor risk management program” with an intended purpose of ensuring vendors are properly getting rid of personal data that could be exploited by a bad actor.
Attorneys general investigated two data breach incidents after devices decommissioned
The settlement agreements were made with the attorneys general from the states of New York, Florida, Indiana, New Jersey, Connecticut and Vermont, according to Law360.
The attorneys general were reportedly investigating a pair of data security incidents that happened after Morgan Stanley decommissioned certain computer devices.
In one incident, a software flaw left behind fragments of personal data on the decommissioned computer devices that were supposed to have been removed from the devices, Law360 reports.
In the other incident, a firm that was contracted by a Morgan Stanley subcontractor to get rid of data failed to remove personal information from some of the hardware prior to it being resold.
Morgan Stanley agreed in January 2022 to pay $60 million to a class of nearly 15 million of its customers to end claims the company allowed their data to become exposed during the data security incidents.
Were you affected by the Morgan Stanley data breaches? Let us know in the comments.
Don’t Miss Out!
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
7 thoughts onMorgan Stanley to pay $6.5M to resolve data breach investigations with 6 states
I am a Morgan Stanley customer for a well over 20 years.
I have been a Morgan Stanley customer and was not informed of this breach. Please add me.
I believe i should be a part of this settlement
Please add me
I also have purchased items from auto zone and my name is in their system and I’ve had my id stolen
Multiple times thru data breaches. . Even thru Hillsborough county got website as well recd letter.
And bay care as well had a data breach I believe
I also have purchased items from auto zone and my name is in their system and I’ve had my id stolen
Multiple times thru data breaches. . Even thru Hillsborough county got website as well recd letter.
And bay care as well had a data breach I brlieve
I have a personal bank loan that I’m not responsible for that was opened in my name. I fought with Morgan Stanley and they came back with saying it’s mine when it’s not. They won’t delete information off my credit bureau since I sent an ftc report to credit bureaus showing my id was compromised and stolen thru multiple breaches along with equifax data breach as well