Security Affairs
FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Fidelity Investments suffered a second data breach this year

US-based financial services company Fidelity Investments warns 77,000 individuals of a data breach that exposed their personal information. U.S.-based financial services company Fidelity Investments is notifying 77,099 individuals that their personal information was compromised in an August cyberattack. The data breach occurred on August 17, 2024 and was discovered two days later, on August 19, 2024. […]

Xsolis

US-based financial services company Fidelity Investments warns 77,000 individuals of a data breach that exposed their personal information.

U.S.-based financial services company Fidelity Investments is notifying 77,099 individuals that their personal information was compromised in an August cyberattack.

The data breach occurred on August 17, 2024 and was discovered two days later, on August 19, 2024.

“Between August 17 and August 19, a third party accessed and obtained certain information without authorization using two customer accounts that they had recently established. We detected this activity on August 19 and immediately took steps to terminate the access. An investigation was promptly launched with assistance from external security experts.” reads the data breach notification letter shared by the company with the Maine Attorney General “The information obtained by the third party related to a small subset of our customers. Please note that this incident did not involve any access to your Fidelity account(s).”

Compromised information includes names, Social Security numbers, financial account data, and drivers license information. The company confirmed that financial data was not exposed and Fidelity customer accounts were not hacked.

Fidelity Investments has informed attorney generals in various states that the attacker had created two customer accounts, which they used to obtain images of documents pertaining to Fidelity customers from an internal database. 

The company offers impacted individuals 24 months of free credit monitoring and identity restoration services. 

In March, Fidelity notified roughly 28,000 individuals that their personal information was compromised due to a data breach suffered by third-party provider Infosys McCamish System (IMS).

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, data breach)