image courtesy: council of foreign relations
image courtesy, reuters.com
A combined aggregate of eight outlets owned by 3 financial firms were fined in 6 figures for allowing data breach. These brokerage firms are charged because they have been unsuccessful in securing their network due to which business email accounts and personal information of many clients have been breached.
The US Securities and Exchange Commission (SEC) is taking up such a severe action after some third party entities gained possession of cloud-storage email accounts at KMS financial services, Iowa based company Cambridge Investment Group and entities of Cetera financial group.
According to the SEC, in the situation of the Cetera group at least 60 email accounts of employees were invaded by hackers that jeopardized critical information about 4,388 clients. The group entities like Advisory Networks, Cetera Advisors, Investment Services, Financial Specialists, Investment Advisors) were charged a sum of USD 3,00,000.
image courtesy, csoonline.com
In case of Cambridge Investment Group had to pay a penalty worth USD 2,50,000 since data of at least 2,100 clients were exposed through more than 121 hacked email accounts. The firm failed in applying mitigations on cloud based email accounts even after having knowledge of this breach since January 2018. KMS too faced equivalent charges (USD 2,00,000) as data of around 5,000 clients through 15 accounts were compromised.
Companies seldom fail to understand the gravity of consequences that can occur in absence of tight security systems. SEC warns firms about not only drafting policies for cyber security but also to enforce them.