Articles Tagged with hacking

Chicago-based Stoltmann Law Offices is investigating incidences of investors whose brokerage accounts have been hacked. Market regulators are investigating reports that customers of the popular online trading app Robinhood were ripped off. Hackers reportedly obtained account information of Robinhood customers, then transferred funds out of their accounts. The customers have contacted the U.S. Securities and Exchange Commission and FINRA, the securities industry regulator, to probe the thefts.

How safe is your money in an online brokerage account? It should be protected by numerous safeguards, although lately cyberthieves have found a way to steal money directly from investors. During the COVID pandemic, online trading soared, with millions of day traders using their phones and other devices to trade stocks and other securities. But as a recent wave of customer complaints suggest, their accounts have been hacked and money taken from their accounts, according to Bloomberg News.

In a statement to Bloomberg, Robinhood did not take responsibility for the thefts:

Stoltmann Law Offices has previously alerted consumers that their brokerage firms can be held responsible for theft in their brokerage, bank, or cryptocurrency accounts as a result of hacking. We have been successful in recovering these losses from brokerage firms for our clients. That is because the regulations are very clear on the supervision and compliance procedures that these firms must execute to protect their clients and their hard-earned savings.

FINRA Rule 3110 requires brokerage firms to establish and maintain a supervisory system to achieve compliance with applicable securities laws and regulations. Included in this supervisory system is the requirement to safeguard customer funds and securities and to inspect the “transmittals of funds (e.g., wires or checks, etc.) or securities from customers to third party accounts; from customer accounts to outside entities (e.g. banks, investment companies, etc.)…” (FINRA Rule 3110(c)(2)(A)).

Firms are further required to comply with the Gramm-Leach-Bliley Act Safeguards Rule (Regulation S-P) and the Identity Theft Red Flags Rule (Regulation S-ID). Pursuant to Regulation S-ID, this includes having an Identity Theft Prevention Program with procedures to identify, detect, and respond to red flags of identity theft. 17 CFR §248.201(d).

The Financial Industry Regulatory Authority (FINRA) recently fined Lincoln Financial Securities Corp (LFS) $650,000 for its failure to adequately supervise third-party vendors tasked with electronic storage of customer records and electronic preservation and retention of customer consolidated reports, and other cyber risk compliance lapses. This comes after 2012, when foreign hackers accessed 5,400 customer confidential records and information. Allegedly, LFS had certain procedural, administrative and information technology data security deficiencies that occurred before and after the attack. In addition, LFS was the subject of a 2011 Letter of Acceptance, Waiver and Consent (AWC) with FINRA, because of cybersecurity failures related to the safeguarding of customer records and information under the Securities Exchange Act of 1934. Specifically, LFS allegedly failed to adopt WSPs regarding the storage of customer data on cloud-based systems. Additionally, FINRA found that LFS did not adequately test and verify the security of information that could be stored on cloud-based servers, and therefore would not be able to tell if a computer server was breached. Please call our securities law offices today if you invested money with Lincoln Financial Securities Corp and would like a free consultation with one of our attorneys about your options. Please call today.

FOX Business
The Wall Street Journal
FOX News Channel
USA Today
abc NEWS
Contact Information