This post was originally published on this site
The SEC charged KMS Financial Services, five units of financial firm Cetera, and two units of Cambridge Investment Research for failures to adopt and implement cybersecurity policies and procedures that resulted in email account takeovers exposing the personal information of thousands of customers and clients at each firm.
Cetera, Cambridge and KMS did not respond immediately to requests for comment. None of the firms admitted to or denied the findings, the SEC said in a statement.
The Cetera entities agreed to pay $300,000, Cambridge agreed to pay $250,000 and KMS will pay $200,000, the SEC said.
