Christopher Maag reports:
Personal information belonging to 34,000 investment clients of Morgan Stanley Smith Barney has been lost, and possibly stolen, in a data breach. According to two letters sent to clients, and obtained by Credit.com, the information includes clients’ names, addresses, account and tax identification numbers, the income earned on the investments in 2010, and—for some clients—Social Security numbers.
The data was saved on two CD-ROMs that were protected by passwords, according to the letters, but the CDs were not encrypted.
[…]
The company mailed the CDs containing information about investors in tax-exempt funds and bonds to the New York State Department of Taxation and Finance. It appears the package was intact when it reached the department, but by the time it arrived on the desk of its intended recipient the CDs were missing, Wiggins said.
The state notified Morgan Stanley Smith Barney about the lost data on June 8. The company took two weeks to conduct an “exhaustive search” of all the facilities the package passed through, Wiggins said, and then mailed the letters to clients on June 24.
Read more on Credit.com.
Earlier coverage on BusinessInsider.com