Major hedge fund sees customers’ personal data stolen by hackers
SEI is a fund administrator for Angelo Gordon, Pacific Investment Management Co, Centerbridge Partners, and several other money managers.
The cyber incident was detected in May but only recently disclosed to SEI clients.
According to the firm, an unidentified group of hackers compromised systems of M.J. Brunner Inc on 17 May. They stole discrete pieces of user information, including names and emails, as well as phone numbers and physical addresses.
Jonathan Knudsen, senior security strategist at Synopsys, said: “The aftershocks from the SEI Investments compromise continue to ripple outward, causing heartburn, financial damage, and reputational damage in equal parts. How can we learn from this incident? Every organisation is a software organisation, regardless of underlying mission or purpose.
“The immediate consequence is that every organisation must manage the risk of software misconfigurations, mistakes, and mischief. Every organisation must have a software security awareness, with plans and processes for minimising the business risk that is associated with the software it is using.”
The attack is the latest in a string of ransomware incidents that have affected the financial services sector through its suppliers.
In March, financial technology company Finastra suffered an attack that forced it to temporarily take its systems offline.
An attack on Finablr PLC’s foreign-exchange business Travelex in late December shut down its website for weeks, which had a knock-on effect on banks that use its services.