Asset manager Fidelity Investments has been hit by a data breach affecting more than 77,000 customers.
It was reported to the Maine Attorney General’s office, and has exposed personal information, though Fidelity hasn’t disclosed exactly what was stolen.
The breach happened in August, and is linked to two recently opened accounts, though details on how they gave hackers access to such a large amount of data remain unclear.
Fidelity’s crypto footprint
Fidelity did confirm to its customers that no funds or accounts were affected. “We detected this activity on August 19 and immediately took steps to terminate the access,” it said in a letter.
The breach comes just as the company has been aggressively expanding its crypto operations. It all started in 2018 when it launched Fidelity Digital Assets, targeting institutional investors.
By 2022, it became the first major brokerage to allow retirement accounts to include Bitcoin. The company then launched the Fidelity Wise Origin Bitcoin Fund (FBTC) in January.
That SEC approval was a game changer. Investors have poured money into it, with more than $7.5 billion in inflows so far.
At press time, Fidelity holds 177,926 BTC, worth about $11.11 billion at current market prices. That’s about 0.847% of Bitcoin’s entire supply.
Cyberattack trends and TradFi’s vulnerabilities
Cyberattacks in the financial sector are on the rise, and Fidelity’s breach is just the latest in a long line of data compromises.
In the past year, 86% of finance companies have been hit by identity-related cyberattacks, with 84% falling victim to identity fraud.
These attacks often take the form of phishing, credential stuffing, and push notification scams. In fact, phishing alone accounts for like 42% of everything.
The average financial institution lost $4.57 million to cyberattacks, a huge jump from $2.19 million in 2023. A look at global cyberattack data shows that there are around 940,000 cyberattacks each day.
That’s nearly 11 every second. The Identity Theft Resource Center (ITRC) recorded 2,365 breaches in 2023 alone, a sharp increase from previous years. Ransomware attacks are also up by 15% in North America this year.
Major Wall Street firms have found themselves increasingly in hackers’ crosshairs. Even industries adjacent to financial services are suffering.
In February, Change Healthcare was hit by a ransomware attack, with operational disruptions and ransom payments costing them $2.3 billion.
A recent report showed that 80% of customers would consider leaving their bank after a data breach. Among those under 35, that number shoots up to 93%.
And even more alarming—only 11% of respondents were aware their bank had experienced a breach, while 63% wrongly believed their bank had not been compromised.
This communication gap only adds to the mistrust that follows such incidents. The damage to customer trust may be long-lasting.