Morningstar: Client credit card data may be leaked

Jul 06, 2013

Morningstar Inc. says it discovered an illegal intrusion into its systems that may have compromised some of its clients' personal information, including email addresses, passwords, and credit card numbers.

The Investment research provider said the breach took place around April 3.

The intrusion affected about 2,300 users whose credit card information was stored in the Morningstar Document Research system, formerly known as 10-K Wizard. An additional 182,000 clients who had email addresses and user-generated passwords in the system may have been affected, the company said in a filing with the Securities and Exchange Commission.

Morningstar said it shut down old servers and moved data to a more earlier this year in a move unrelated to the incident. It maintains it has taken additional steps to prevent unauthorized access to its systems to protect client information. The company said it is also working with and credit card companies, as well as investigating the incident on its own.

Morningstar sent notices to clients and reset their passwords. It is offering 12 months of free identity protection to clients whose credit cards may have been compromised.

"At this point, we don't have any evidence to suggest that any of the information that was compromised has been misused," the company said in the filing. It doesn't believe any other Morningstar products were affected.

Shares of Morningstar Inc. closed Friday unchanged at $78.07.

Explore further: Study: Social media users shy away from opinions

not rated yet
add to favorites email to friend print save as pdf

Related Stories

Consumers urged to be vigilant in wake of Zappos cyberattack

Jan 18, 2012

(PhysOrg.com) -- As an estimated 24 million Zappos.com customers begin receiving notifications that some of their personal data have been compromised in a massive cyberattack, an Indiana University cybersecurity expert is warning t ...

Hackers expose more Israeli credit card details

Jan 06, 2012

A group of Saudi hackers calling themselves group-xp published details of more than 6,000 Israeli credit cards online in the second such incident in three days, army radio reported on Friday.

Recommended for you

WEF unveils 'crowdsourcing' push on how to run the Web

3 hours ago

The World Economic Forum unveiled a project on Thursday aimed at connecting governments, businesses, academia, technicians and civil society worldwide to brainstorm the best ways to govern the Internet.

Study: Social media users shy away from opinions

Aug 26, 2014

People on Facebook and Twitter say they are less likely to share their opinions on hot-button issues, even when they are offline, according to a surprising new survey by the Pew Research Center.

US warns shops to watch for customer data hacking

Aug 23, 2014

The US Department of Homeland Security on Friday warned businesses to watch for hackers targeting customer data with malicious computer code like that used against retail giant Target.

Fitbit to Schumer: We don't sell personal data

Aug 22, 2014

The maker of a popular line of wearable fitness-tracking devices says it has never sold personal data to advertisers, contrary to concerns raised by U.S. Sen. Charles Schumer.

Should you be worried about paid editors on Wikipedia?

Aug 22, 2014

Whether you trust it or ignore it, Wikipedia is one of the most popular websites in the world and accessed by millions of people every day. So would you trust it any more (or even less) if you knew people ...

User comments : 0