dcsimg

Morningstar Hacked

Download our in-depth report: The Ultimate Guide to IT Security Vendors

SHARE
Share it on Twitter  
Share it on Facebook  
Share it on Google+
Share it on Linked in  
Email  

Morningstar recently began notifying its clients that the Morningstar Document Research (MDR) system was hacked on or around April 3, 2012, potentially exposing approximately 182,000 clients' first and last names, mailing addresses, e-mail addresses and passwords, along with approximately 2,300 clients' credit card numbers (h/t DataBreaches.net).

According to a FAQ [PDF file] regarding the breach, which was recently posted on Morningstar's Web site, none of the information was encrypted. "However, earlier this year, before we learned about this incident, we encrypted all credit card numbers in the MDR database," the FAQ states.

In response, the company has reset all passwords for Morningstar Document Research. "The next time you access your account, you will be required to create a new password," Morningstar Products Group president Chris Boruff noted in an e-mail to clients. "Also for your protection, we strongly suggest you avoid using the same passwords across multiple accounts and be alert to potential phishing scams."

All clients whose credit card information may have been compromised are being offered one year of free identity protection through Experian's ProtectMyID Alert program.

Clients with questions are advised to call (877) 316-9552.

Submit a Comment

Loading Comments...