Fidelity Data Breach Exposed the Personal Data of 77,000 Customers

Fidelity Investments has suffered a data breach that has compromised the personal information of 77,000 customers, the company said in a notice to the Maine attorney general’s office on Wednesday.

The breach occurred in August and is tied to two accounts recently opened with the asset management company, according to the filing. It’s not clear how these accounts allowed hackers access to customer data. 

Fidelity has not revealed what specific customer data was accessed by thieves, but said after concluding its investigation that no customer accounts or funds were compromised in the breach.

“We detected this activity on August 19 and immediately took steps to terminate the access,” Fidelity said in a notification letter to customers. 

Fidelity declined to provide further comment on the breach, but told CNET in an email that it has resources in place to assist customers with questions about the attack.

“Fidelity takes its responsibility to serve customers and safeguard information seriously,” the company said.

Read more: Data Breach Exposes Social Security Numbers of 237,000 Comcast Customers

What to do if you’re included in the Fidelity breach?

The Fidelity data breach affects a small percentage of the company’s 51.5 million customers. If you were affected, Fidelity is offering 24 months of credit monitoring and identity theft protection services from TransUnion Interactive. To activate this offer, use the code provided in your letter sent via USPS mail. Identity theft protection can help notify you of data breaches in advance and alert you if your personal data has been found on the dark web. 

In addition to taking advantage of this free service, you should change your password and monitor your Fidelity account for any suspicious activity. If you have a Fidelity account and aren’t sure if you were affected, changing your password is always a good idea. Regularly updating your password can make it harder for bad actors to hack into your account. A password manager can make that process much easier.

Depending on what sensitive data of yours was accessed, you should also monitor your credit reports with TransUnion, Equifax and Experian. 

You may even decide to place fraud alerts on your credit or freeze your credit with each of the three credit bureaus so that no one can open new credit accounts — such as car loans or credit cards — in your name.