Inside Job: The 2014 Morgan Stanley Data Breach

Generic placeholder image
Carl Niedbala

COO & Co-Founder

While most of us are coming back rested and refreshed for the new year, Morgan Stanley can’t quite say the same as the bank’s 2014 ended with a massive data breach.

Just two days after Christmas, information security employees at the bank discovered the data breach.  The bank was conducting a standard sweep of known criminal websites when it discovered that several hundred confidential client records were listed for sale.

After further examination, the bank found that 350,000+ files were stolen from its wealth management arm which has roughly 3.5M customers.  It doesn’t take a mathematician to figure out a whopping 10% of client files were stolen!  The alleged thief is Galen Marsh, a 30-year-old sales assistant that has been with Morgan Stanley for about 6 years.  The FBI is now looking into the matter.

This latest breach brings up an often overlooked point: one of the biggest threats to user data comes from within.  In fact, the cyber risk study cited in our post last week found that 32% of data breaches studied had some kind of insider involvement.

Startups should be sure that to have tiered access permissions, strict permission revocation procedures, employee nondisclosure agreements in place, and a good cyber liability insurance policy at a minimum.   Employees can have access to a ton of valuable information and it’s important to make sure procedures and failsafes are in place to protect that information.  Morgan Stanley ended 2014 with a data breach, don’t start your 2015 the same way.


We’ll bring more on the 2014 Morgan Stanley data breach as the situation develops.

In the meantime, if you have any questions about insurance or concerns about your own liability, don’t hesitate to reach out to us! We can be reached at (646)-854-1058 or We’ll be waiting for your contact!

[vc_btn title=”GET A QUOTE” style=”outline-custom” outline_custom_color=”#ee2524″ outline_custom_hover_background=”#ee2524″ outline_custom_hover_text=”#ffffff” shape=”square” size=”lg” align=”center” link=”|||”]

Related Articles

April 10 • Cyber LiabilityRisk Management Tips

Top 5 Social Media Influencer Lawsuits

A social media influencer often reaches millions of people, raising the stakes for the mid-market companies who hire them. Here’s how these risks unfold.

September 30 • Cyber LiabilityErrors & Omissions

E&O Insurance Guide for Canadian Tech Companies

Canadian tech companies face unique exposures — but tech E&O insurance helps to mitigate risks. Here’s what you should know.

September 23 • Cyber LiabilityErrors & Omissions

Top 5 E&O and Cyber Claims for Canadian Tech Companies

Canadian tech companies face a slew of challenges — but five primary E&O and Cyber claims stick out. Here’s a look at these themes.

protect from a data breach
August 18 • Cyber LiabilityRisk Management Tips

How to Protect Your Fast-Growing Business From a Data Breach

A cyberattack could devastate your fast-growing business quickly. With cybersecurity a real concern, here’s how to protect your mid-market business from a data breach.

July 9 • News

Three ways your business insurance coverage can help you navigate this period of crisis

Now is the time to rely on your broker and, in fact, test their ability to be the kind of representative who’ll work to protect the future of your business

healthcare startups
July 7 • News

15 Healthcare Startups That Improve Lives Worldwide

From innovative cancer treatment to supportive tools for physicians, these healthcare startups are changing lives for the better.