Tr?id=566623520170033&ev=PageView&noscript=1

ÍøÆØ³Ô¹Ï

Massachusetts Regulators Fine Fidelity $1.25 Million Over Data Breach Allegations

Posted on June 1st, 2026 at 11:49 AM
Massachusetts Regulators Fine Fidelity $1.25 Million Over Data Breach Allegations

From the desk of Jim Eccleston at ÍøÆØ³Ô¹Ï

Massachusetts regulators has fined Fidelity Brokerage Services $1.25 million over allegations that the firm failed to adequately protect customer information and properly notify all affected individuals following a significant data breach.

According to reporting by AdvisorHub, the parties reached a settlement pursuant to a consent order. That consent order reveals that Fidelity's cybersecurity failures allowed an unauthorized third party to access sensitive information belonging to approximately 77,000 customers. At least 2,768 Massachusetts residents were affected by the breach.

Fidelity accepted the consent order without admitting or denying any wrongdoing.

The consent order stated that, over a three-day period in August 2024, an unidentified third party accessed and obtained images containing highly sensitive customer information. The compromised records reportedly included Social Security numbers, financial account information, active credit card numbers, medical information, passports, and driver's license data.

Regulators also alleged that the compromised documents included personal information belonging to beneficiaries, relatives, and minors connected to customer accounts. According to AdvisorHub, although Fidelity notified certain impacted customers, regulators claimed the firm failed to notify all affected individuals whose information appeared in the exposed documents.

According to the consent order, the unauthorized access stemmed from a vulnerability in Fidelity's online access controls. Regulators alleged that the third party manipulated a ten-digit "Image ID" displayed within the browser while viewing customer documents, allowing access to records associated with other users, as reported by AdvisorHub.

The firm declined to comment on whether the breach affected customers affiliated with registered investment advisory firms or whether the incident remained limited to self-directed brokerage accounts.

According to AdvisorHub, this enforcement action is one of several as multiple brokerage firms continue to face scrutiny over cybersecurity incidents and client data breaches.

ÍøÆØ³Ô¹Ï LLC represents investors and financial advisors nationwide in securities, employment, transition, regulatory, and disciplinary matters.

Tags: eccleston, eccleston law, data breach, financial regulation, cybersecurity law, data privacy, regulatory fines

Return to Archive

TESTIMONIALS

Previous
Next
Quotes Bigger

I am so glad I found you! Wow! I appreciate your help, concern and guidance.

RB

LATEST NEWS AND ARTICLES

1783434190 Law
July 7, 2026
Private Credit Funds Face Mounting Redemption Pressure as Investor Sentiment Shifts

A surge in investor redemption requests has intensified pressure on private credit funds, raising concerns about liquidity and long-term stability across the asset class, as reported by The Wall Street Journal.

1783357679 Law
July 6, 2026
Schwab Imposes New Limits on Tax-Aware Long-Short Investment Strategies

Charles Schwab Corp.

1783012078 Law
July 2, 2026
Financial Services Institute Backs New Jersey Bill Protecting Independent Advisor Model

The Financial Services Institute (FSI) has urged New Jersey lawmakers to advance legislation that would help preserve the independent contractor status of financial advisors operating in the state.