DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Wells Fargo reports two insider breaches in 6-month period

Posted on May 25, 2010 by Dissent

Although it seems to have flown under the mainstream media radar, Wells Fargo reported at least two breaches involving insider wrongdoing in a six-month period.

On November 12, 2009, its subsidiary, Wells Fargo Advisors (WFA) advised the New York State Consumer Protection Board that when a stock broker for Wachovia Security left the firm in June 2008, he took with him the personal information on 1,023 New York residents. Wachovia Security is WFA’s predecessor. According to the notification by Peter L. McCorkell, Senior Company Counsel, WFA only learned of the breach “recently.” The information removed included clients’ names, addresses, Social Security numbers, and brokerage accounts numbers. The employee presumably took the information to use in his new employment.

On April 22, 2010, Wells Fargo again notified the New York State Consumer Protection Board of a breach involving insider wrong doing. According to the letter signed by Brian N. Gentry, Counsel, Wells Fargo was notified by law enforcement that documents containing clients’ names, dates of birth, Social Security numbers, and mortgage loan account numbers were recovered by police during the execution of a search warrant at a former Wells Fargo team member’s home. Five New York State residents were notified of the breach and offered some free credit monitoring services and assistance. “We have taken appropriate action against this individual,” Gentry wrote to NYS. One New Hampshire resident was also notified of the breach, as was one Maryland resident.

Wells Fargo declined to provide additional information on these breaches in terms of the total number of individuals affected by each incident and other details of the breaches, citing company policy “to provide specific information relating to the breach to only those entities as prescribed by law.” The spokesperson did confirm, however, that the two breaches were unrelated and stated that there has been no indication of misuse of the data from either breach.

These latest incidents were not the first nor last instances of reported insider wrongdoing at Wells Fargo. In May 2008, the firm notified New Hampshire that an employee had misused a customer’s account information. In August 2009, a bank call center employee was arrested for accessing customer accounts and removing money to pay her own bills. And last week, a customer sued Wells Fargo and one of its employees, alleging that a customer service representative named Michael in Wells Fargo’s Home Mortgage division had demanded “phone fun” with him as a prerequisite for correcting an error in her account. In a statement e-mailed to the Huffington Post, a spokesperson said the bank “takes the allegations seriously and will investigate and respond appropriately.”

Update: I forgot to link to the reports from NYS that I uploaded to this site for the Nov 2009 and April 2010 notifications. You can find them here.

Category: Breach IncidentsFinancial SectorInsiderOf NoteU.S.

Post navigation

← Firms not required to inform victims of privacy breach under new rules
Webinar: Ready for Data Breaches under the HITECH Act? →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Trump Rewrites Cybersecurity Policy in Executive Order
  • AMI Group – Travel & Tours notice of ransomware attack
  • Resource: Insider Threat reports
  • Za: Cyber extortionist sentenced to eight years in jail
  • ICE takes steps to deport the Australian hacker known as “DR32”
  • Hearing on the Federal Government and AI
  • Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Privacy Victory! Judge Grants Preliminary Injunction in OPM/DOGE Lawsuit
  • The Decision That Murdered Privacy
  • Hearing on the Federal Government and AI
  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.