Brokerage Firms Sued For Cyber Hacks and Stolen Funds

Hungry, creepy creatures are crawling abundantly on the web eager to swallow your money and your stocks and bonds and ETFs from your brokerage account.  But while many of the crooks employ the latest technology to do their dirty work, you can use a centuries old salve to thwart (some) of them: An ounce of prevention is worth a pound of cure.

A good way to start is with the off button on a computer or your broker’s web site.  You could still leave the door open to cyber thieves if you simply close or minimize your browser or type in a new Web address when you’re done using your online brokerage account, warns the broker self-regulatory body, the Financial Industry Regulatory Authority (FINRA).  So be sure to hit the “log off” button on your broker’s web site when you are finished or turn off the computer or mobile device completely.

Generally turning off your computer when it is not in use or at least disconnecting it from the Internet can also keep intruders from your account.  Regularly check your brokerage account for unauthorized transactions—especially withdrawals or wire transfers to an account that is not yours —and ask the firm to investigate if you find any, the brokerage regulator suggested.

One of the best defenses against hacking, said FINRA is having a subscription to antivirus software that is installed, active and kept up to date. If your email account gets hacked—or if for any reason you think that your personal financial information has been stolen—immediately contact your brokerage firm and other financial institutions, including credit card issuers, to notify them of the problem, urges FINRA.

The agency also recommends that you should also notify the credit bureaus to put a fraud alert on your file.  “In the meantime, be sure to change your username, password and PIN for your financial accounts—and also change your password to your email account,” FINRA counseled.

An additional ounce of prevention the Securities and Exchange Commission recommends is to use biometric means such as fingerprints, facial or voice recognition, or iris scanning to log into your account if your brokerage offers the feature.  Another feature that can add to the security of your account is known as “two-factor authentication”

“With a two-step verification process, each time you attempt to log into your account from an unrecognized computer, your investment firm sends a unique code to either your e-mail or mobile device.  Before you can gain access to your account, you must enter this code and your password,” the SEC explained

You won’t be able to get any of that money back from the Securities Investor Protection Corporation unless the brokerage is being liquidated or when SIPC obtains money for investors in an out of court “direct payment procedure when a small brokerage goes out of business.” If you discover your account has been hacked and your securities or cash have been stolen, you should contact your brokerage firm, the SEC, FINRA or other appropriate law enforcement authorities, SIPC said in an FAQ.  “Whether you would be protected if your account was hacked would depend upon the circumstances under which your account was gained access to, and other factors being present that justify the liquidation of the brokerage firm,” the SIPC website explains.

Many investors have successfully sued their brokerage firm through the FINRA arbitration forum.  When brokerage firms have lax compliance and allow funds to be stolen, a negligence based arbitration lawsuit can be filed against the firm to recover the stolen funds .  Stoltmann Law Offices has represented over 30 investors who had had their funds stolen or converted by outside third parties, friends, ex-spouses and others.   To learn more about this and for help in many of your other personal financial legal matters, call me at 312-332-4200 or email andrew@stoltlaw.com.