Germany-headquartered online advisory firm Scalable Capital has fallen victim to a data leak.
According to local newspaper Merkur, the fintech company has suffered a “data protection incident” which saw confidential data being stolen.
The clients affected were informed of the incident in a letter which claimed there had been an “unlawful access” of confidential client information in its document archive.
The firm said that contact information, securities accounts, tax identification numbers, accounts with other banks and ID details were all accessed during the breach.
Scalable believes that around 20,000 customers in Germany and the UK were impacted by the data leak.
An inside job
The firm discovered the incident on 16 October 2020 and said it took all the necessary measures to avoid an additional breach from taking place.
Regulators have also been informed of the “unlawful access”, and a complaint was filed with the public prosecutor.
The robo-adviser believes the leak was down to extensive insider knowledge, as it said there is no externally exploitable security gap in its system.