[BreachExchange] Pepperstone Updates Clients on Data Breach Investigation

Destry Winant destry at riskbasedsecurity.com
Tue Aug 11 10:20:56 EDT 2020


https://www.financemagnates.com/forex/brokers/pepperstone-blames-3rd-party-vendor-for-users-data-breach/

Multi-regulated FX broker Pepperstone has just updated its clients
about the data security breach that occurred just over a week ago. The
company said the security issue had originated from one of its
third-party vendors after cybercriminals used malware to compromise
the vendor’s computers and obtained access to the provider’s credentials.

Not long after that, the team further explains, the intruders used
those credentials to gain some access to Pepperstone’s internal
client relationship management (CRM) system. Although the company
managed to stop the cyber attack, the intruders gained possession of
some personal information of a subset of Pepperstone’s clients.

The company has provided more details of its ongoing investigation
into the matter, revealing the types of personal data that may have
been impacted. The global broker confirmed the breach included
clients’ names, contact details (such as email, phone number and
physical address) and date of birth.

The broker, however, said none of its trading systems, clients’
accounts, identity documents, passwords or bank accounts were
compromised or at risk as a result of the incident.

According to an email sent to clients, the results come from
Pepperstone’s ongoing forensic investigation into the incident.

“The criminals accessed a subset of our account holder data via the
client relationship management system. Importantly, the criminals
weren’t able to access our trading environment or our financial
systems, which are segregated from our client relationship management
system. This means that the criminals didn’t gain access to any
trading accounts, banking details, passwords or ID documents that we
hold for you. Our clients can continue to have confidence in using our
trading systems safely and securely.”

Pepperstone immediately notified affected individuals

A spokesperson of Pepperstone Group Limited explained the following to
Finance Magnates: “Pepperstone has conducted a forensic investigation
into a malware attack on 22 July, which compromised a computer system
used by an external service provider in order to steal their user
credentials.

 “Before the attack could be stopped, criminals were able to obtain
some personal information of some of our account holders. We believe that
the information was shared with third parties, who made unsolicited
contact with Pepperstone account holders.

 “It’s important to note that no trading accounts, passwords or bank
account information has been compromised. Our investigation has
confirmed that information is limited to client names, some contact
details and some personal details.

 “We immediately notified the individuals affected, and provided
information and recommendations to help ensure their ongoing security.
We are extremely concerned that this incident has occurred and will
continue to do everything we can to ensure our clients can continue to
trade safely and securely.”

Pepperstone recommends steps to ensure account safety

Once Pepperstone became aware of the issue, on July 22, the company
engaged as a matter of urgency with its respective data privacy
regulators and independent external forensic experts to conduct an
extensive investigation.

As a precaution, however, Pepperstone told clients to enable
two-factor authentication and change their passwords. More
importantly, they were asked to contact their local cybercrime agency
if they believe their personal information has been compromised.
Clients were also advised to consult with their banks immediately if
they sent money or provided confidential banking information to any
potential scammers.

Speaking to Finance Magnates, Tamas Szabo, Chief Executive Officer,
Pepperstone Group, said: “The cybercrime industry is increasingly more
sophisticated, more flexible and more global – a threat to all
companies, governments and individuals around the world.


 “Over several years we have invested heavily in cyber resilience,
building a substantial IT security environment. Our industry-best
practice is the reason we were able to detect and stop this attack so
quickly.”

