Fidelity breach exposed the personal data of 77,000 customers – what to do if you’re affected

WhataWin/Getty Images
Another day, another data breach. This latest one affects customers of one of the largest investment firms in the US. In a Wednesday filing with several state attorneys general, Fidelity Investments revealed that it was hit by a breach on August 17, which the firm detected on August 19. A letter sent to the 77,099 customers caught up in the breach confirmed that the attackers stole personal information related to them.
The notices to three attorneys general each disclosed different details, as spotted by TechCrunch.
Also: If you’re a Marriott customer, FTC says the breach-plagued hotel chain owes you
The notice shared with the Maine attorney general stated the date of the breach, when it was discovered, and how many people were affected. It also included a sample of the letter sent to customers. Here, Fidelity said that a third party had accessed and obtained certain information without authorization by using two customer accounts they recently set up. After detecting the activity, the company terminated access to those accounts and launched an investigation with help from outside security experts.
A data breach notice sent to New Hampshire’s attorney general said that the third party retrieved certain documents related to Fidelity customers and other individuals by submitting fraudulent requests to an internal database containing images of those documents. The compromise was limited to that one database, Fidelity said, and no customer accounts or funds were accessed. The company added that certain