“You wouldn’t have thought that one of the three main credit bureaus would have been subject to a breach, you would have thought that they would have had a tighter hold on their data,” Sherry said. “Years later, I’m still getting email telling me my information is out on the dark web.”
Advisors and their clients need to make sure they understand who has access to their financial data, and where that data resides, she said.
Companies that purport to offer “free” services, commission-free trading apps like Robinhood, and account aggregation and budgeting tools like Intuit’s Mint, are of particular concern.
“Most people realize somewhere inside of them that there’s no free lunch, and you get what you pay for a lot of times,” Sherry said. “I would be very careful about using or recommending fintech tools if I wasn’t sure that the company had a good structure for accepting liability, making complaints and helping a consumer when things go wrong. That could go bottoms-up in a hurry.”
Sherry provided a set of tips for the end-client to help protect their data:
• Discontinue service with any apps no longer in use.
• Change passwords if there’s uncertainty about which applications and institutions have access to data and login information.
• Always read an app’s terms and conditions, along with their privacy disclosure.
• Opt-in to receive security and account updates from financial institutions and credit card issuers.
• Check resources available from financial institutions, like banks and brokerages, for using fintech apps safely.