Morgan Stanley has confirmed it sacked one of its financial advisers after he allegedly stole confidential data on up to 350,000 clients – information which then appeared online.
According to the New York Times, in mid-December Morgan Stanley found on Pastebin sensitive information regarding 1,200 accounts belonging to 900 clients within its $2 trillion Wealth Management division.
A miscreant had posted the records online as a teaser for the sale of six million account records and passwords, and wanted payment in the virtual currency Speedcoin.
"Overall, partial account information of up to 10 percent of all Wealth Management clients was stolen," the bank said in a statement on Monday.
"The data stolen does not include account passwords or social security numbers. The firm is taking the precaution of notifying all potentially affected clients and instituting enhanced security procedures including fraud monitoring on these accounts."
Sources familiar with the matter said a subsequent investigation by the bank fingered a recently appointed financial adviser in the Wealth Management division, 30-year-old Galen Marsh. The bank says it is confident that no money was stolen as a result of the leak, all customers affected had been contacted, and it has asked the FBI to investigate.
Marsh "acknowledged that he should not have obtained the account information and has been cooperating with Morgan Stanley to protect the firm and its customers," said his lawyer, Robert Gottlieb of Gottlieb & Gordon.
"Mr Marsh did not sell nor ever intend to sell any account information whatsoever," Gottlieb said. "He did not post the information online. He did not share any account information with anyone nor use it for any financial gain. He is devastated by what has occurred and is extremely sorry for his conduct." ®