Chicago-based Stoltmann Law Offices has represented investors who have suffered losses as a result of their brokerage or investment accounts being infiltrated by hackers. How safe are your retirement funds from hackers? With massive hacking activity and cybersecurity in the news every day, that’s an essential question to ask your financial advisor. Cybercriminals are trying to steal money and personal financial information 24-7.
Here’s a series of questions to ask: When financial advisors suspect that your retirement accounts are being hacked, have they reported this information to you? Even more importantly, have they reported it to federal authorities such as the FBI or Treasury Department? That’s not only the right thing to do, they are legally obligated to do so.
Of course, if an advisor or third party fails to report suspicious online activity to regulators, they may be breaking the law. The U.S. Securities and Exchange Commission (SEC), for example, recently imposed a $1.5 million fine and settled charges against GWFS Equities, an affiliate of Great West Life and Annuity Insurance Company, “for violating the federal securities laws governing the filing of Suspicious Activity Reports (SARs).”
According to the SEC’s order, “from September 2015 through October 2018, GWFS was aware of increasing attempts by external bad actors to gain access to the retirement accounts of individual plan participants. The order further finds that GWFS was aware that the bad actors attempted or gained access by, among other things, using improperly obtained personal identifying information of the plan participants, and that the bad actors frequently were in possession of electronic login information such as user names, email addresses, and passwords.”
Under federal law, any third party or broker-dealer must report suspected breaches of their accounts. The SEC order finds that “GWFS failed to file approximately 130 SARs, including in cases when it had detected external bad actors gaining, or attempting to gain, access to the retirement accounts of participants in the employer-sponsored retirement plans it serviced.”
“Across the financial services industry, we have seen a large increase in attempts by outside bad actors to gain unauthorized access to client accounts,” said Kurt L. Gottschall, Director of the SEC’s Denver Regional Office. “By failing to file SARs and by omitting information it knew about the suspicious activity it did report, GWFS deprived law enforcement of critical information relating to the threat that outside bad actors pose to retirees’ accounts, particularly when the unauthorized account access has been cyber-enabled.”
Without question, any firm that manages money or acts as a third party in handling investment accounts, has a legal duty to protect funds in their care. These firms also must protect your personal information, which is of great value to criminals who steal identities to steal funds and open fraudulent credit accounts.
If you invested with a financial advisor and lost money as a result of a hack into your accounts, you may have a claim to pursue through FINRA Arbitration. Please contact Stoltmann Law Offices, P.C. at 312-332-4200 for a free, no obligation consultation with a securities attorney. Stoltmann Law Offices is a contingency fee law firm which means we do not get paid until you do!