[BreachExchange] Robo-advice firm suffers data breach

[Destry Winant]

https://international-adviser.com/robo-advice-firm-suffers-data-breach/

Germany-headquartered online advisory firm Scalable Capital has fallen
victim to a data leak.

According to local newspaper Merkur, the fintech company has suffered
a “data protection incident” which saw confidential data being stolen.

The clients affected were informed of the incident in a letter which
claimed there had been an “unlawful access” of confidential client
information in its document archive.

The firm said that contact information, securities accounts, tax
identification numbers, accounts with other banks and ID details were
all accessed during the breach.

Scalable believes that around 20,000 customers in Germany and the UK
were impacted by the data leak.

An inside job

The firm discovered the incident on 16 October 2020 and said it took
all the necessary measures to avoid an additional breach from taking
place.

Regulators have also been informed of the “unlawful access”, and a
complaint was filed with the public prosecutor.

The robo-adviser believes the leak was down to extensive insider
knowledge, as it said there is no externally exploitable security gap
in its system.