Morgan Stanley will be settling its data security lawsuit filed by its customers by agreeing to pay $60 million. The complainants said the investment banking company failed to properly pull out some of its outdated information technology, and this led for their personal data to be exposed.
According to Reuters, the proposed initial settlement of the class action was filed at a Manhattan federal court on Friday, Dec. 31, on behalf of around 15 million customers, but it still needs to be approved by U.S. District Judge Analisa Torres.
For the settlement, each of the customers can apply for a repayment of up to $10,000 in out-of-pocket losses. In addition, they can also receive at least two years of fraud insurance coverage.
Then again, while it has agreed to resolve the case through settlement, Morgan Stanley reportedly denied any wrongdoing. In the settlement documents, it was added that the company has made considerable improvements to its data security practices through upgrading them.
The lawsuit was filed by customers after accusing Morgan Stanley of its failure to scrap two wealth management data centers in 2016 before the unencrypted equipment was resold to unauthorized third parties. They said that the tool was sold when customer data was still in it; thus, their personal information was exposed.
They further claimed that some of the old servers that contain data of customers have gone missing after the bank moved them to an outside vendor in 2019. Court documents showed that Morgan Stanley recovered the servers later.
The company agreed to pay a $60 million civil fine to settle the claims in a separate class-action suit from the U.S. Office of the Comptroller of the Currency regarding the accusations that its data security practices were not safe in addition to the mentioned incidents.
Meanwhile, an executive from a cybersecurity firm said the incidents at Morgan Stanley are preventable if they will work with NAID AAA certified e-waste recyclers and IT asset disposition companies or ITAD. They also need to communicate with vendors to make sure that all data re totally destroyed.
“This is a classic and textbook example of what not to do. With the current massive increases in liability, there is a huge storm of problems on the horizon for all businesses that mismanage customer information that is stored digitally,” John Shegerian, chairman and chief executive officer at ERI, the largest fully integrated IT and electronics asset disposition provider and cybersecurity-focused hardware destruction company in the US, said in a press release. “What happened to Morgan Stanley was totally avoidable.”


US Resumes Dollar Shipments to Iraq After Months-Long Suspension
Asian Stocks Slide as Chip Shares Tumble Ahead of Key U.S. Jobs Report
US Dollar Rises as Fed Rate Outlook Stays Hawkish, Euro Slips and Yen Near 40-Year Low
Asian Currencies Stay Under Pressure as Dollar Holds Near 13-Month High Ahead of U.S. Jobs Report
South Korea Alleges Google Abused Android App Store Dominance, Eyes Major Fine
UN Chief Urges Nations to Close $100 Million UNRWA Funding Gap
Switch Seeks $2 Billion Funding at Nearly $50 Billion Valuation Ahead of Potential IPO
US Jobs Report Preview: June Payroll Growth Seen Slowing as Fed Rate Decision Looms
South Korea Warns Won Is Undervalued, Boosts FX Coordination With Japan
Trump Administration Declines USMCA Renewal, Opens Talks on New Trade Changes
India Manufacturing PMI Slows in June as Demand Weakens Despite Lower Cost Pressures
Sodexo Raises 2026 Revenue Outlook After Strong Q3 Sales Beat
ShareChat Eyes 2027 IPO After Reaching Operational Profitability, Report Says
Trump Administration to Launch Voluntary AI Standards for Frontier Models
SoftBank’s LY Corp, Bain Raise Kakaku.com Bid to ¥670 Billion, Intensifying Takeover Battle
Microsoft Reportedly Plans New Job Cuts Across Sales, Consulting, and Xbox
Trump Reports $1.4 Billion in Crypto Income as Digital Assets Become Top Wealth Source 



