Data Breaches

Breach Subtotal

Breach Type: all
Organization Type: all
Year(s) of Breach: all
Company or Organization:
Date Made Public:
January 11, 2018
Company: Fidelity Investments
Location: Boston, Massachusetts
Type of breach:
DISC
Type of organization:
BSF
Records Breached:
348

Fidelity Investments suffered an inadvertent disclosure on 11/24/17 that affected 348 records, including social security numbers. 

Information Source:
Security Breach Letter
Date Made Public:
September 26, 2014
Company: Fidelity Investments
Location: , Maryland
Type of breach:
DISC
Type of organization:
MED
Records Breached:
1

name, ssn, brokerage account number

Location of breached information: email

Business associate present: No

Information Source:
Maryland Attorney General
Date Made Public:
July 31, 2013
Company: Fidelity Investments, Oracle
Location: Redwood, California
Type of breach:
DISC
Type of organization:
BSF
Records Breached:
0

Current and former Oracle employees may have had their 401(k) information viewed by a plan administrator at the firm of another Fidelity client.  Names, Social Security numbers, compensation, and other 401(k) savings and investmant plan information was briefly viewed by accident.  The issue was discovered on July 10, 2013.  

Information Source:
California Attorney General
Date Made Public:
February 21, 2007
Company: Fidelity Investments, Dairy Farmers of America
Location:
Type of breach:
PORT
Type of organization:
BSF
Records Breached:
69

A Fidelity laptop used by a former Fidelity employee was discarded and recovered by a non-affiliated person. The employee had taken the laptop home after believing it had been decommissioned from business use by Fidelity. Participants and beneficiaries of participants in the Dairy Farmers of America Defined Benefit plan had their names and Social Security numbers exposed. At least 69 New York residents were affected by the breach, but the total number of affected individuals nationwide was not revealed.

Information Source:
Date Made Public:
February 21, 2007
Company: Fidelity Investments
Location: Tampa, Florida
Type of breach:
INSD
Type of organization:
BSF
Records Breached:
8,500,000

"A senior database administrator at a subsidiary of Fidelity National Information Services who was responsible for defining and enforcing data access rights at the firm took data belonging to as many as 8.5 million consumers -- not 2.3 million, as originally disclosed by the company. . .  .


On July 3, Fidelity National disclosed that a database administrator, who is no longer with the company, had illegally downloaded and sold customer data to a data broker. The data broker, in turn, sold a subset of the data to other direct marketing companies. The stolen data included names, addresses, birth dates, bank account and credit card information, the company said."

Information Source:
Media
Date Made Public:
March 23, 2006
Company: Fidelity Investments
Location: Boston , Massachusetts
Type of breach:
PORT
Type of organization:
BSF
Records Breached:
196,000

A laptop containing names, addresses, birth dates, Social Security numbers and other information of 196,000 Hewlett Packard, Compaq and DEC retirement account customers was stolen. Fidelity contacted the customers and paid for one year of credit monitoring services.  Fidelity also pledged to pay for unauthorized transactions in pensions or retirement accounts that occurred due to the theft.

Information Source:
Security Breach Letter
CSV