Articles Posted in Data Breach

Stoltmann Law Offices is investigating brokers who have failed to protect customers’ personal information from identity theft. The Securities and Exchange Commission (SEC) has separately charged J.P. Morgan Securities, UBS Financial Services and TradeStation Securities, for “deficiencies in their programs to prevent customer identity theft, in violation of the SEC’s Identity Theft Red Flags Rule, or Regulation S-ID.”

 “From at least January 2017 to October 2019, the firms’ identity theft prevention programs did not include reasonable policies and procedures to identify relevant red flags of identity theft in connection with customer accounts or to incorporate those red flags into their programs. In addition, the SEC’s orders find that the firms’ programs did not include reasonable policies and procedures to respond appropriately to detected identity theft red flags, or to ensure that the programs were updated periodically to reflect changes in identity theft risks to customers.”

“Regulation S-ID is designed to help protect investors from the risks of identity theft,” said Carolyn Welshhans, Acting Chief of the SEC Enforcement Division’s Crypto Assets and Cyber Unit. The agency’s actions “are reminders that broker-dealers and investment advisers must design and operate identity theft prevention programs that are appropriately tailored to their businesses and update them in response to the increased threat and changing nature of identity theft.”

Chicago-based Stoltmann Law Offices is representing clients who’ve been the victims of cybersecurity hacks. Third Parties who store and use your personal data have an obligation to keep that information secure. But in the online universe, cyberthieves are working 24/7 to steal this valuable commodity. Stolen data is bought and sold on the internet’s black market and used by other scamsters to open credit accounts with stolen identities.

Aon Corporation, the massive global insurance company, was recently hit with a class-action lawsuit over a cyber-hacking incident, or “data breach,” that allegedly lasted more than a year.  “The 25-page lawsuit comes after Aon revealed that it had been hit by a data breach that went undetected for over a year, from late December 2020 to February 2022, according to class-action.org. Per the complaint, cybercriminals breached the company’s systems to access insurance files containing consumers’ names, addresses, dates of birth, Social Security and driver’s license numbers and, in some cases, benefit enrollment information.”

The lawsuit also claims that Aon “lacked the security necessary to prevent such a hack” or stop unauthorized parties from stealing consumers’ personally identifiable information. Per the suit, Aon has disregarded consumers’ privacy rights and exposed their information to a heightened risk of misuse.” According to the complaint, Aon’s data breach notice “deliberately underplayed the severity of the breach and misrepresented that the insurer had no evidence cybercriminals had copied, retained, or shared the data, even though Aon knew cybercriminals had accessed its files for an extended period.” The suit states “Aon has offered data breach victims only 24 months of free credit monitoring services “despite the significant [personally identifiable information] that was compromised over a two-year period.”

CNBC
FOX Business
The Wall Street Journal
Bloomberg
CBS
FOX News Channel
USA Today
abc NEWS
DATELINE
npr
Contact Information