fb

Second hand servers + personal data = $35 million

Second hand servers + personal data = $35 million

Morgan Stanley is one of the most renowned banks in the world. It started business on Wall Street in New York back in 1935 and has grown so that it now has a market capitalisation of around $150 billion and employs approximately 70,000.

It’s obviously good at a lot of things but one area it wasn’t so good at was looking after the personal data of about 15 million customers.

Probably one of the first things that come to mind when protecting the personal details of clients are the security systems to protect the data within the bank such as passwords, firewalls, etc.

The problem for Morgan Stanley though was the data that was in computer hardware that was scrapped.

The US Securities and Exchange Commission (SEC) accused Smith Barney (Morgan Stanley’s wealth management business), of “astonishing” shortcomings.

The problems arose when Morgan Stanley disposed of thousands of hard drives and servers.

On multiple occasions a moving and storage business with no experience in data destruction services was hired to decommission these hard drives.

In other words, the hard drives and servers which were being scrapped should have had all the personal details removed.

Unfortunately this didn’t happen and instead the moving business then sold thousands of these devices to a third party. This third party then resold them on an internet auction site.

Some of the devices were subsequently recovered but the SEC said that Morgan Stanley “has not recovered the vast majority of the devices”.

The devices which were recovered were found to contain “thousands of pieces of unencrypted customer data”.

The end result is that Morgan Stanley has agreed to pay a $35 million penalty to settle charges.

There’s a valuable lesson to be learnt from this as responsibility for the safeguarding of personal data remains with the organisation and this includes making sure that the destruction of hardware containing that data is done in such a way that the data is erased and does not find it’s way into other people’s hands.

Share this entry

Related articles

View All Articles

Recent articles

View All Articles
Splashing marmalade all over?
Jul 11, 2024
Title
Splashing marmalade all over?
Excerpt

Imagine walking into a high-end boutique, expecting the usual scents of lavender and bergamot, only to be greeted […]

Miniature Models, Mega Profits…
Jun 30, 2024
Title
Miniature Models, Mega Profits…
Excerpt

Games Workshop, the iconic British company behind the Warhammer universe, recently demonstrated the profound impact of strategic communication […]

Swimming along nicely…
Jun 24, 2024
Title
Swimming along nicely…
Excerpt

Salmon, once a prized catch by skilled fishermen in cold, rushing rivers and coastal waters, has evolved into […]

You or your boss?
Jun 13, 2024
Title
You or your boss?
Excerpt

So, should you do it or should your boss do it? I’m talking about making decisions and the […]

A takeaway or a fakeaway?
Jun 06, 2024
Title
A takeaway or a fakeaway?
Excerpt

In the final run up to your professional exams it’s often a case of cramming your final revision […]

Peloton’s ride from pandemic peak to rental rebounds
May 30, 2024
Title
Peloton’s ride from pandemic peak to rental rebounds
Excerpt

Whilst home exercise bikes can be a great way to get fit, a lot of people who buy […]

Big 4 under the spotlight…
May 22, 2024
Title
Big 4 under the spotlight…
Excerpt

Recent findings have shown that Britain’s audit firms did not raise alarms for three-quarters of the major companies […]

Better than the professionals?
May 13, 2024
Title
Better than the professionals?
Excerpt

The landscape of investing is evolving, with the rise of retail, or “do-it-yourself” (DIY) investors who are achieving […]