Monthly Archives

September 2020

SEC Issues Risk Alert on Login Credentials and Expands Definition of Accredited Investor

By | Uncategorized

OCIE Risk Alert: Cybersecurity: Safeguarding Client Accounts against Credential Compromise

On September 15, 2020, the SEC issued yet another Risk Alert focusing on cyber risk. This Risk Alert addresses “credential stuffing” which is a cyber-attack seeking access to customer accounts of the investment adviser. Credential stuffing uses compromised login credentials to obtain unauthorized access to the adviser’s network. Advisers experiencing credential stuffing have reported lost customer Personally Identifiable Information (“PII”) and stolen customer assets.

Read More