fb

Second hand servers + personal data = $35 million

Second hand servers + personal data = $35 million

Morgan Stanley is one of the most renowned banks in the world. It started business on Wall Street in New York back in 1935 and has grown so that it now has a market capitalisation of around $150 billion and employs approximately 70,000.

It’s obviously good at a lot of things but one area it wasn’t so good at was looking after the personal data of about 15 million customers.

Probably one of the first things that come to mind when protecting the personal details of clients are the security systems to protect the data within the bank such as passwords, firewalls, etc.

The problem for Morgan Stanley though was the data that was in computer hardware that was scrapped.

The US Securities and Exchange Commission (SEC) accused Smith Barney (Morgan Stanley’s wealth management business), of “astonishing” shortcomings.

The problems arose when Morgan Stanley disposed of thousands of hard drives and servers.

On multiple occasions a moving and storage business with no experience in data destruction services was hired to decommission these hard drives.

In other words, the hard drives and servers which were being scrapped should have had all the personal details removed.

Unfortunately this didn’t happen and instead the moving business then sold thousands of these devices to a third party. This third party then resold them on an internet auction site.

Some of the devices were subsequently recovered but the SEC said that Morgan Stanley “has not recovered the vast majority of the devices”.

The devices which were recovered were found to contain “thousands of pieces of unencrypted customer data”.

The end result is that Morgan Stanley has agreed to pay a $35 million penalty to settle charges.

There’s a valuable lesson to be learnt from this as responsibility for the safeguarding of personal data remains with the organisation and this includes making sure that the destruction of hardware containing that data is done in such a way that the data is erased and does not find it’s way into other people’s hands.

Share this entry

Related articles

View All Articles

Recent articles

View All Articles
Top 10 unusual KPIs: strange ways businesses measure success
Mar 04, 2025
Title
Top 10 unusual KPIs: strange ways businesses measure success
Excerpt

Key Performance Indicators (KPIs) are essential for businesses to measure performance and track progress. While traditional KPIs focus […]

Bull vs. Bear Markets: what do they mean?
Feb 28, 2025
Title
Bull vs. Bear Markets: what do they mean?
Excerpt

If you keep up with the financial press, you’ll come across terms like “bear market,” “bull market,” and […]

Put your best foot forward (or somebody else’s)…
Feb 26, 2025
Title
Put your best foot forward (or somebody else’s)…
Excerpt

Shoes, business, and intellectual property came together recently when German footwear brand Birkenstock lost a legal battle to […]

Things are heating up…
Feb 22, 2025
Title
Things are heating up…
Excerpt

Data centres are the backbone of our digital world, providing the necessary infrastructure for storage, processing, and management […]

No hold ups…
Feb 19, 2025
Title
No hold ups…
Excerpt

As the world becomes increasingly digital, cashless societies are emerging as a major trend, transforming not only how […]

You are (probably) a liar…
Feb 17, 2025
Title
You are (probably) a liar…
Excerpt

Here’s a nice ethical question for you – have you lied recently? My guess is that you have. […]

Obesity & Business – changes on the way?
Feb 14, 2025
Title
Obesity & Business – changes on the way?
Excerpt

The private health insurer Vitality has announced that it will offer weight-loss medications Wegovy and Mounjaro to its […]

Uber’s growing but why did its share price fall?
Feb 05, 2025
Title
Uber’s growing but why did its share price fall?
Excerpt

Uber Technologies Inc. has firmly established itself as a global leader in mobility services. Despite facing regulatory challenges […]