Sarah N. Lynch reports:
A St. Louis-based investment advisory firm will pay $75,000 to settle civil charges alleging it failed “entirely” to protect its clients from a July 2013 cyber attack that was later traced to China, U.S. regulators said on Tuesday.
The Securities and Exchange Commission said R.T. Jones Capital Equities Management did not even encrypt its customers’ data or install a firewall on its servers, and the hack compromised the personal details of about 100,000 people.
Read more on Reuters.
Previous coverage of their breach here. Note that at the time, we had no idea of how extensive the breach was in terms of numbers. This appears to be the first time we’re learning that 100,000 (and not hundreds) of people were affected.