Morgan Stanley hacked via third party provider. Customer data leaked

Morgan Stanley, one of the world’s leading financial services firms, unveiled the detection of a massive data breach triggered by the attack on an Accellion FTA implementation employed by a third-party provider. The company confirmed that the incident involves confidential information from its customers.

Shortly afterwards it was confirmed that the affected company is Guidehouse, a maintenance service provider for StockPlan Connect accounts, a stock plan service that is part of Morgan Stanley. This company confirmed that the threat actors accessed its Accellion FTA server in order to steal information belonging to the partners of this stock plan.

Guidehouse’s server was apparently compromised by exploiting a severe vulnerability in Accellion FTA just a couple of days after the flaw was addressed by the developers of this file-sharing platform. The incident was detected in March and in May it was confirmed that the attack also involved information from Morgan Stanley customers.

In a statement, the financial firm noted some important points from the incident: “No attempts at unauthorized access to our apps were detected. The incident involves only the files in Guidehouse’s possession, including some encrypted information from Morgan Stanley,” the press release states.

While Morgan Stanley mentions that the information the attackers accessed was encrypted, Guidehouse confirmed that the compromise of its Accellion FTA server also involved the decryption keys to access this data, including:

  • Names of action plan participants
  • Domiciles
  • Dates of birth
  • Social security numbers
  • Corporate company names

The good news is that Guidehouse confirmed that its Accellion FTA server did not contain passwords or login credentials that cybercriminals could use to access other Morgan Stanley applications or services.

Finally the company stated that the incident is being investigated and that the necessary measures will be taken to prevent further attacks in the future: “We remain in contact with Guidehouse and will take the necessary measures to mitigate any possible new hacking attempts,” Morgan Stanley’s message concludes.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.