HELENA – The Financial Industry Regulatory Authority has fined D.A. Davidson & Co. $375,000 for failing to protect confidential customer information from hackers despite a recommendation from security consultants to install an intrusion detection system.
A hacker accessed records belonging to 192,000 customers of the Great Falls financial services company in December 2007 and then e-mailed D.A. Davidson officials seeking payment in exchange for deleting the information.
FINRA Executive Vice President James S. Shorris said Monday that D.A. Davidson’s customer database was on a server that was perpetually exposed to the Internet without basic safeguards.
FINRA said when assessing the fine, it took into account the fact that D.A. Davidson responded quickly, cooperated with law enforcement and no customer had their identity stolen.
In settling the case, D.A. Davidson neither admitted nor denied the charges.