Florida Investment & Securities Lawyer
Call to Schedule a Consultation
561-417-8777

SEC Advises Brokers, Investors on Risks of Hacking and Other “Cyber” Attacks

“Cybersecurity” is a major issue that affects many large, publicly traded companies. Recently Anthem, Inc., the nation’s second-largest health insurer, reported a major breach of its security. Hackers managed to acquire personal data—Social Security numbers, telephone numbers, addresses, et cetera—on millions of Anthem customers. This attack comes just a couple weeks after President Obama announced his support for new legislation that would require companies “to inform consumers of a data breach within 30 days of discovery.”

For its part, the Securities and Exchange Commission recently issued a pair of cybersecurity-related documents to investors and companies. In a “Risk Alert” published by the SEC’s Office of Compliance Inspections and Examinations (OCIE), the agency discussed its survey of over 100 registered brokers and investment advisers regarding their own cybersecurity policies. Most of those surveyed said they had “written information security policies,” and conducted “periodic audits” to ensure compliance.

But just having written policies are not enough. OCIE noted less than a third of brokers surveyed—and only about 1 out of 10 investment advisers—had procedures in place “to determine whether they are responsible for client losses associated with cyber incidents.” And in fact, most of the firms surveyed said they had suffered cyber-attacks, either directly or through an affiliated vendor.

OCIE identified “malware and fraudulent emails” as the most common form of cyber-attack. About half of those surveyed said they had received false emails from individuals purporting to be clients. Brokers reported losses of upwards of $75,000, requiring restitution to affected clients. Several firms claimed these losses were the result of employees not following existing written cyber-security policies.

Protecting Yourself from Cyber Attacks

Cybersecurity is not just a broker responsibility, however. In a second publication, the SEC’s Office of Investor Education and Advocacy advised investors to take better care in protecting their online brokerage accounts. Many of the SEC’s tips are common sense but nonetheless bear repeating in light of ongoing cybersecurity threats.

First and foremost, the SEC said anyone with an online brokerage account should use a “strong” password that is changed on a regular basis. The SEC said a good password has “eight or more characters that include symbols, numbers, and both capital and lowercase letters.” Investors should also avoid using the same password for different brokerage accounts. Ideally, investors should also take advantage of “two-step verification,” a common cybersecurity mechanism now employed by many brokerages. A two-step process includes not just a password, but also requires an additional code sent to an investor’s email account or smartphone.

Other SEC cybersecurity tips include exercising caution when accessing your account over a wi-fi connection, especially those in public places like airports or coffee shops; avoiding the use of any public computers, such as those at libraries, to access your account; and regularly checking your brokerage statements to ensure nobody has made any unauthorized or suspicious transaction.

Of course, even the most cybersecurity-conscious investor may still fall prey to a data breach. If you have been the victim of a cyber-attack and need advice on your legal rights, contact Florida securities fraud attorney Gregory Tendrich, P.A., right away.

Gregory Tendrich, PA
Gregory Tendrich, P.A. serves clients throughout Florida, including the cities of West Palm Beach, Palm Beach, Delray Beach, Boynton Beach, Boca Raton, Port St. Lucie, Lake Worth, Wellington, Riviera Beach, Palm Beach Gardens, Fort Pierce, Vero Beach, Hobe Sound, Jupiter Island, North Palm Beach, Lake Park, Lantana, Stuart, Palm City, Jensen Beach, Tequesta and Juno Beach and represents clients in Palm Beach County, Martin County, St. Lucie County, Indian River County and throughout Florida.

Our Location

3010 N. Military Trail, Suite 210
Boca Raton, FL 33431

Telephone: 561-417-8777
Fax: 561-417-8700

The information you obtain at this site is not, nor is it intended to be, legal advice. You should consult an attorney for individual advice regarding your own situation.

No content on this site may be reused in any fashion without written permission from www.YourStockLawyer.com

MileMark Media - Practice Growth Solutions

© 2015 - 2018 Gregory Tendrich, P.A. All rights reserved.
This law firm website is managed by MileMark Media.

Contact Form Tab