Morgan Stanley Discloses Data Breach After the Hack of a Third-party Vendor

Morgan Stanley Discloses Data Breach
Share It On:

13th July 2021, Kathmandu

The Investment banking firm Morgan Stanley has disclosed a knowledge breach after threat actors have compromised the Accellion FTA server of the third-party vendor Guidehouse.

The company has offices in additional than 42 countries and quite 60,000 employees, its clients in several industries.

The account and maintenance facilities are provided by the guide house for Morgan Stanley’s StockPlan to Connect business, hackers breached its Accellion FTA server and stole information belonging to Morgan Stanley stock plan participants. It is the security breach and top reported by BleepingComputer that also exchange a copy of the data breach notification letter sent to the impacted customers.

When Morgan Stanley was notified dated on may 20,2021 to Guidehouse, a vendor that given account maintenance facilities to Morgan Stanley’s StockPlan Connect business, that it had suffered an information security incident. Then, the Guidehouse is supporting that type of data it is maintained for Morgan Stanley had been accessed through the Accellion FTA vulnerability.” reads the letter.

Morgan Stanley documents the possession of Guidehouse containing the private information of StockPlan Connect participants, including participants in New Hampshire, were obtained by an unauthorized individual.”

The provider is already informed for Morgan Stanley in May 2021 that hackers compromised its FTA install back in January by exploiting a zero-day vulnerability later addressed by the seller.

The hack of the FTA server happened in March, but the hacker had access to the info of Morgan Stanley customers in May. The participant ( take apart ) details (information) accessed by the hackers included name; address (last known address); date of birth; Social Security number (if the participant had one); and company name.

The company acknowledged that exposed files didn’t contain passwords that would be wont to access financial accounts. It is stolen files and it is stored in encrypted form on the compromised Guidehouse Accellion FTA server, but the attackers were also ready to obtain the key to decrypt it.

It is the investment banking firm that has no evidence that hackers have abused stolen info or disseminated it online. Morgan Stanley acknowledged that its systems weren’t breached by the threat actors. “in any Morgan Stanley applications,” if there was no data security breach then we will not continues the letter.

February, the security experts from FireEye linked a series of cyberattacks against organizations running Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11 in February.

In mid-December 2020 the wave of attacks is started, and threat actors exploited multiple zero-day vulnerabilities within the Accellion File Transfer Appliance (FTA) software to deploy a shell dubbed DEWMODE on the target networks.

The attackers exfiltrate sensitive data from the target systems then published it on the CLOP ransomware gang’s leak site.

It has been guessed that the group has targeted approximately 100 companies across the planet between December and January.


Share It On:

Recent Posts

Nepal Insurance Authority Updates Policies: Coffee, Bee, Sugarcane, and Vegetable Farming

Nepal Insurance Authority Updates Policies: Coffee, Bee, Sugarcane, and Vegetable

Share It On:8th December 2024, Kathmandu  The Nepal Insurance Authority has made significant changes to four important agricultural insurance policies.

NMB Bank’s No-Dividend Decision for FY 2023/24 Raises Eyebrows Among Investors

NMB Bank’s No-Dividend Decision for FY 2023/24 Raises Eyebrows Among

Share It On:8th December 2024, Kathmandu NMB Bank has announced that it will not be distributing dividends for the fiscal

Ncell, Saathi, and Zonta Club Campaign: Raising Awareness and Ending Gender-Based Violence in Kathmandu Schools

Ncell, Saathi, and Zonta Club Campaign: Raising Awareness and Ending

Share It On:8th December 2024, Kathmandu Ncell Foundation, Saathi, and  Zonta Club  Kathmandu have launched the Orange the Schools Campaign

Nepal Stock Market Analysis: NEPSE Trends and Sector Growth in the Past Week

Nepal Stock Market Analysis: NEPSE Trends and Sector Growth in

Share It On:7th December 2024, Kathmandu The Nepal Stock Exchange (NEPSE) experienced fluctuations throughout the past week, finishing at 2,734.93

56 Companies Declare Dividends: NEPSE Dividend Update 2023/24 – Cash and Bonus Shares Breakdown

56 Companies Declare Dividends: NEPSE Dividend Update 2023/24 – Cash

Share It On:7th December 2024, Kathmandu  A total of 56 companies and mutual funds listed on the Nepal Stock Exchange

Samsung Unveils One UI 7: Redefining the Smartphone Experience with Powerful AI and Intuitive Design

Samsung Unveils One UI 7: Redefining the Smartphone Experience with

Share It On:7th December 2024, Kathmandu  Samsung Nepal announced the public release of the One UI 7 beta program, boasting