US-based financial services company Fidelity Investments is notifying tens of thousands of individuals that their personal information was compromised as a result of unauthorized activity that occurred in August.
Fidelity Investments has informed attorney generals in various states that the attacker had created two customer accounts, which they used to obtain images of documents pertaining to Fidelity customers from an internal database.
The unauthorized activity was conducted August 17-19 and it was detected on August 19, when action was promptly taken to terminate the hacker’s access.
The company said only a “small subset of customers” are affected, but it told the Maine Attorney General that more than 77,000 individuals are impacted by the breach.
The company has told AGs that names, Social Security numbers, financial account data, and drivers license information were compromised, but said Fidelity customer accounts or funds were not at risk.
Impacted individuals are being offered 24 months of free credit monitoring and identity restoration services.
This is the second data breach that Fidelity has disclosed this year. Fidelity Investments Life Insurance Company informed roughly 30,000 individuals earlier this year that their personal information was compromised in a data breach at third-party services provider Infosys McCamish System (IMS).
On its website, Fidelity claims to have 51.5 million individual investors, and $14 trillion in assets under management.
Related: Personal Information Compromised in Universal Music Data Breach
Related: Marriott Agrees to Pay $52 million, Beef up Data Security Over Data Breaches
Related: 88,000 Impacted by Access Sports Data Breach Resulting From Ransomware Attack
Related: Data Breach at Golf Course Management Firm KemperSports Impacts 62,000
