The Securities and Exchange Commission has warned its employees to monitor their credit reports for signs of fraud after a contractor shared their brokerage accounts with unauthorized companies for more than two years.
In a letter to employees dated Oct. 7, Thomas Bayer, the SEC's chief information officer, said Financial Tracking Technologies, which manages a computer system that handles employee stock trades, shared that information with "one or more consultants" and "a global technology and business services firm."
Although the SEC does not know whether the data has been misused, "it is prudent to consider taking some precautionary actions to protect yourself," said the letter, which was first reported Friday by Reuters.
The computer system storing employee brokerage accounts, known as the Ethics Program System, was created two years ago after the SEC's inspector general found cases where SEC lawyers may have benefited from insider trading. The computer system was designed to prevent SEC employees from trading stocks that the commission regulates.
According to its website, Financial Tracking Technologies, based in Riverside, Conn., offers the system to government regulators and "two of the five largest public companies" in the United States, among others. The company could not be reached for comment.
The SEC's IT department initially found out last month that Financial Tracking Technologies had been sharing its work on the computer system with other companies since June 2009. SEC spokesman John Nester said the commission learned about the breach when a former employee of Financial Tracking Technologies "came to us with concerns about how SEC data was being handled."
According to the company's contract, the SEC must give its approval before the company can share that data with subcontractors, the letter said. Nester said the SEC has not decided whether to sever its contract with Financial Tracking Technologies.
The letter said the SEC plans to provide employees with a free year of credit monitoring, but said employees should consider taking the additional step of placing a fraud alert on their credit files.
UPDATE: In a statement Saturday, Financial Tracking Technologies said the company had notified the SEC of a third party vendor, but that financial data of SEC employees "remained under our control at all times" and "no breach of systems resulting in any misuse of personal data occurred."