American financial services giant Morgan Stanley agreed to pay the Securities and Exchange Commission (SEC) a $35m penalty on Tuesday over data security lapses. According to the SEC’s complaint, the firm would have allowed roughly 1000 unencrypted hard drives (HDDs) and about 8000 backup tapes from decommissioned data centers to be resold on auction sites without first being wiped.

Read full article on Infosecurity