Morgan Stanley unit fined $35M for mishandling customer data

Morgan Stanley

Morgan Stanley Smith Barney (MSSB) agreed to pay $35 million to settle Securities and Exchange Commission (SEC) charges it repeatedly disregarded the safeguarding of clients’ personal data.

The personally identifiable information of approximately 15 million MSSB customers was made vulnerable over a five-year period, beginning in 2015, because of failures by the firm to protect it, the SEC said in a press release Tuesday. MSSB is a wholly owned subsidiary of Morgan Stanley.

The trouble began when MSSB did not encrypt the personal data of customers stored on computer servers and hard drives, the SEC alleged. In 2016, the firm decommissioned two data centers and didn’t properly dispose of its computer servers and hard drives, the agency said.

lock iconTHIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.