14 DAY TRIAL // Morningstar, an investment resource specialized in fund investing, has started notifying customers that its Morningstar Document Research (formerly 10-K Wizard) system was breached in early April 2012.
According to the letter sent to customers, obtained by DataBreaches.net, names, addresses, email addresses and passwords may have been compromised.
As a result of the breach, which was only recently discovered, all Morningstar Document Research passwords have been reset.
“Earlier this year, we shut down the old servers and moved the data to a more secure infrastructure as part of a migration plan unrelated to this issue. We have taken other steps to prevent unauthorized access to our systems to protect your information. We are also working with law enforcement officials and conducting our own investigations,” the letter reads.
On the other hand, if the breach really occurred over one year ago and the letters started going out only on Tuesday morning, changing users passwords doesn’t do much good at this point.
A recent study has shown that, on average, companies believe they can detect a data breach within 10 hours. Obviously, most of them are over confident in their capabilities.