The SEC said Morgan Stanley must pay a $35 million fine to settle allegations by the U.S. Securities and Exchange Commission that one of its divisions failed to protect the personal data of millions of customers when replacing hard drives and bank servers. .
According to the commission, the data of about 15 million customers were compromised over a five-year period starting in 2015, due to the bank improperly disposing of thousands of devices and auctioning some of them online without verifying that the data contained in them clients have been removed.
The committee explained that the violation occurred due to the fact that the bank hired a transport and storage company that had no experience in destroying data, and that it was unable to properly supervise the work of the company. “Customers entrust their personal information to financial professionals with the understanding and expectation that it will be protected,” said Gurbert Greual, director of enforcement at the commission, noting that such protection was not provided in the aforementioned incident.
Source: El Iktisad
