SmartMoney Blogs

Pay Dirt
A daily look at what we buy, how we spend, and the companies that do right - and wrong - by their customers.

Lessons From the Morgan Stanley Data Breach

iStockphoto

Brokerage Morgan Stanley Smith Barney has warned 34,000 account holders of a data breach that exposed Social Security numbers, account information and addresses, among other data.

The information, stored on two password-protected CDs, was lost en route to the New York State Department of Taxation and Finance in early June, says Jim Wiggins, a spokesman for Morgan Stanley. The package arrived but the CDs did not, and subsequent searches by the department, brokerage and U.S. Postal Service failed to locate them. “We’ve seen no evidence of criminal intent or actual misuse of this information,” Wiggins says. The breach affected less than 1% of the brokerage’s accounts. Account holders whose Social Security numbers were exposed in the breach will receive a year of credit monitoring from credit bureau Experian.

That’s small comfort to account holders if the information was stolen and not lost, says Adam Levin, co-founder of Identity Theft 911 and Credit.com, which initially reported the breach from accountholder letters. Unlike stolen credit card numbers, which must be used quickly before issuers close them, thieves could hang onto stolen SSNs for years before using them. “Identities are currency, they’re evergreen,” Levin says. That type of identity theft can also cause a wider variety of problems for the victim: new debts in his or her name, medical expenses or even a criminal record. “They re-create you,” he says. Account holders whose Social Security numbers weren’t part of the breach can’t rest easy, either. Account numbers could still be used for fraud, and enterprising thieves could reach out to victims in the guise of the brokerage to mine for other information.

The breach is a good reminder for consumers that not all breaches are the result of hacking, Levin says. In a breach, victims’ best recourse is to change their log-in information, request new numbers for any credit or debit cards linked to their accounts, and monitor accounts daily for problems, he says. Call the breached company directly with any questions, instead of responding to unsolicited emails or calls. The Fair Credit Reporting Act entitles you to one credit report a year from each of the three bureaus — pull one every four months from AnnualCreditReport.com. Your employer, insurance company or bank may also offer identity theft resolution services as a perk, he says, so ask around to see if you have that extra protection.

Comments

We welcome thoughtful comments from readers. Please comply with our guidelines. Our blogs do not require the use of your real name.

Comments (2 of 2)

View all Comments »
    • I’m with JJ on this. Jobs is overblown mipage. He didn’t invent things he took them from others. The GUI came from Xerox, as did parts of apple talk. They built the business on a closed loop system. They had their own printers and peripherals. It must have hurt Jobs to sign off on a USB port for the Mac, (note the lack on the iPad). Macwrite and Macpaint were never leading edge,but they suited the graphics market it also made a decent midi controler for seqencers What off the shelf software there was generally single task and very expensive for what it was. Thats just leaves the industrial design side. While the products look pretty, there are as good designs coming out of every design school. My bigger issue that their striving to look good, strangles funtionality at times. Two buttons on the mouse or touchpad make life so much easier. His true legacy: Built the machine that ran Hypercard that built the Web Programming on it was a pain. It used the Motorola chips that were easy to program, but MacOS was a nightmare.

    • 1) Not at all; it is extremely uellkniy I’ll have enough money to retire at all. I fully expect to continue working as long as I am able.2) Actually, I do plan on receiving the Social Security benefits that have been promised to me, because I am close to retirement age and think the system won’t crash that soon.3) I save zero percent of my income for retirement (or for anything else). I earn minimum wage and still have student loan debt.4) I don’t plan to retire, as I won’t be able to afford to retire. Maybe I could move a few miles into Mexico and commute to a US job.5) I am mid-50s, don’t expect to retire.

About Pay Dirt

  • Pay Dirt examines the millions of consumer decisions Americans make every day: What to buy, how much to pay, whether to rave or complain. Lead written by Quentin Fottrell, the blog examines these interactions, providing readers with news, insight and tips on shopping, spending, customer service, and companies that do right – and wrong – by their customers. Send items, questions and comments to quentin.fottrell@dowjones.com or tweet @SMPayDirt.