Morgan Stanley Wealth Management has dismissed an employee for allegedly stealing partial account information of up to 10 per cent of its clients.

Morgan Stanley Wealth Management yesterday said it has dismissed an employee for allegedly stealing partial account information of up to 10 per cent of its clients, at a time when data security is perceived as a major risk and budget item for financial firms.

Some 350,000 client accounts were involved in the incident, Family Wealth Report can confirm.

“While there is no evidence of any economic loss to any client, it has been determined that certain account information of approximately 900 clients, including account names and numbers, was briefly posted on the internet,” Morgan Stanley said in a statement. “The wealth management employee has been terminated, and law enforcement and regulatory authorities have been advised of the incident.”

The data stolen does not include account passwords or social security numbers.

Morgan Stanley said it is notifying all potentially affected clients of the incident and is putting in place enhanced security procedures, including fraud monitoring.

“Morgan Stanley takes extremely seriously its responsibility to safeguard client data, and is working with the appropriate authorities to conduct and conclude a thorough investigation of this incident,” the US firm said.

A source confirmed to this publication that the former employee is called Galen Marsh, who was based in New York. The bank discovered the internet post as part of a routine sweep on December 27, 2014, and quickly removed the information, the source said.

Meanwhile, the dismissed employee’s lawyer said the advisor never intended to sell the information and is “extremely sorry” for his conduct, according to Bloomberg.

Marsh “acknowledged that he should not have obtained the account information and has been cooperating with Morgan Stanley to protect the firm and its customers,” his lawyer, Robert Gottlieb of Gottlieb & Gordon, told the news service.

“Mr. Marsh did not sell nor ever intend to sell any account information whatsoever,” Gottlieb reportedly said. “He did not post the information online. He did not share any account information with anyone nor use it for any financial gain. He is devastated by what has occurred and is extremely sorry for his conduct.”

The news is a strong reminder of the issue of cybercrime, which has become a real and significant threat to wealth management sector and the financial services industry at large. In a similar but unrelated incident in October last year, JP Morgan said that some 76 million households and 7 million small businesses were affected by a cybersecurity attack, which, according to reports, was one of the biggest disclosed breaches to hit a financial institution. Since then, it has been claimed that the breach could have been avoided by a simple measure; according to the New York Times, the hackers could have been foiled if the bank had put in a simple security fix to an overlooked server in its network.