August 30, 2021

Cetera Advisor Networks LLC and related entities will pay $300,000 to resolve SEC charges that the investment advisor and broker-dealer violated Regulation S-P regarding the safeguarding of customer records and information and provision of breach notification to customers. The SEC alleged that between November 2017 and June 2020, email accounts of Cetera personnel were taken over by unauthorized third parties, resulting in the exposure of personally identifying information of more than 4,000 Cetera customers and clients.  The accounts were not protected with multi-factor authentication, even though Cetera’s policies required MFA.  SEC

Tagged in: Cybersecurity and Data Breaches, Financial and Investment Fraud, Financial Institution Fraud, Regulatory Violations,