The woes of banking and financial services firm wells fargo are far from being over. The firm is already under scrutiny for its 2016 fake-account scandal and is now under the spotlight once again after sensitive data of tens of thousands of accounts of prominent customers leaked through a lawyer’s unauthorized email. The bank’s computer system was not hacked, and the system malfunction and caused the breach.
The leak took place after 1.4 GB of files containing sensitive information of the firm’s clients were sent to Wells Fargo’s former financial adviser as a part of a lawsuit that involved two brothers, one of whom is a current employee and the other a former employee.
Sensitive customer data gets leaked: what happened?
While the size of the files – 1.4 GB to be exact - does not seem to be too big, the compilation included names, sensitive financial details, and social security numbers of more than 50,000 customers. According to the publication New York Times, the leak contained information of the financial firm's, wealthiest clients, who have investment portfolios worth tens of billions of dollars.
The information was apparently given to the firm’s former financial consultant Gary Sinderbrand who was not bound by any Confidentiality Agreement.
The files were sent to Sinderbrand by a lawyer named Angela A. Turiano. The spreadsheets containing the data were sent to Sinderbrand in the form of a CD. Turiano maintains that it was a mistake, which occurred because of having working relations with an outside vendor. The third-party vendor was supposed to scrutinize the documents as a part of the courts ongoing discovery process and had to ensure that Sinderbrand received only the files and emails related to his case.
Turiano claimed that after the CD was sent to Sinderbrand, she had asked him to return the files as the lack of a confidentiality agreement meant that the former and his lawyer can legally release the information that they had at hand.
Thus, if the information is leaked, then Wells Fargo will land in deeper trouble that it is already in.
Vendor error leaks Wells Fargo client information
A Bloomberg report reveals that the vendor error that caused in the leaking of data from Wells Fargo can be termed a Data Breach, which has the potential to violate a number of state and federal consumer data privacy laws. These laws restrict the release of customer information to outside parties or people. Moreover, given that the clients who have been targeted in this data breach are not just anyone, but some of the wealthiest profiles of the bank, it can be well expected that the bank will take a major hit.