Fidelity data breach: details of the security incident affecting over 77,000 customers.
In August 2024, Fidelity Investments experienced a data breach that affected personal information of 77,099 customers. The incident, which occurred on August 17 and was detected two days later, was officially reported to the Maine Attorney General’s office. An attacker gained access to customer names and other personal identifiers between August 17 and 19 using two recently created customer accounts.
This is the fourth data breach for Fidelity in the last 12 months, with others occurring on March 4, March 18, and July 19.
Although it affected a small portion of the company’s 51.5 million customers, Fidelity confirmed that no passwords or funds were compromised.
Customer notification and preventive measures
After identifying the breach, Fidelity’s Privacy Office sent a communication to affected customers, outlining the compromised data and recommending specific security measures. Customers were offered 24 months of credit monitoring and identity restoration services through TransUnion Interactive. This initiative aims to help customers detect any suspicious activity in their credit reports following the incident. Additionally, Fidelity advised regularly monitoring account statements and reporting any unusual activity to banks or authorities.
To enhance security, Fidelity suggested practices such as changing account passwords, using strong passwords, and enabling two-factor authentication, despite financial accounts not being directly affected.
