Information, including account names and numbers, was taken from roughly 10% of the bank’s 3.5 million wealth management clients, of which a small portion was posted “briefly” online on a website called Pastebin.
The data did not include account passwords and social security numbers.
Galen Marsh was sacked from a Manhattan branch of the business last week, and his lawyer, Robert Gottlieb from US law firm Gottlieb & Gordon, has since confirmed that Marsh was responsible for obtaining the account information.
A source familiar with the issue suggested Marsh stole the information with the intention of selling it, but Gottlieb denied that this was the case.
He said: “To be clear, Mr. Marsh did not sell or ever intend to sell any account information to anyone.
“He did not post the information online, he did not share any account information with anyone or use it for any personal financial gain.
“He is devastated by what has occurred and is extremely sorry for his conduct.”
He also said Marsh has been cooperating with Morgan Stanley “to protect the firm and its customers”.
Morgan Stanley said there is no evidence that clients have suffered any financial losses, however, both the US law enforcement and regulatory authorities have been alerted and are currently investigating the incident.
The bank said it takes “extremely seriously its responsibility to safeguard client data”.
Clients are currently being contacted by the firm and its financial advisers as an “exercise of caution”, and security details will also be changed.
A spokesperson from the company said: “People are obviously concerned about the security of their information and we are addressing that.”
