How did Wells Fargo lose data for over 50,000 customers?

Wells Fargo released 1.4 GB of files that contained customers’ names, social security numbers and sensitive details to a lawyer by accident.

The lawyer is representing a former Wells Fargo employee in a defamation case and subpoenaed the bank for documents related to the case.

Instead, the lawyer received financial information for over 50,000 customers, including some who have tens of billions of invested dollars.

Furthermore, the documents were handed over without any protection orders or confidentiality agreement – safeguards that usually happen when information of this nature is passed between lawyers.

What that means in legal terms: It would be perfectly legal if the lawyer released that material to the court as part of his client’s case, which would then make it retrievable through the public record.

When the lawyer realized what he’d gotten, he notified Wells Fargo’s legal team, who replied the documents had been handed over accidentally and should be returned.

The case in question and the legal request sent to Wells Fargo had nothing to do with client record data, so the information shouldn’t have been sent in the first place.

To prevent this at your workplace, make sure sensitive user and company data can’t just be sent through email unencrypted.