Cyber Incident Victim: FXCM
Date: Oct 2015
Location: United States of America
Summary
Foreign-exchange broker FXCM experienced a data breach where hackers stole funds from customer accounts via unauthorized wire transfers, prompting private client notifications advising password changes. The company reversed the transactions and restored affected accounts, though its delayed public disclosure coincided with an 8% stock decline amid existing reputational challenges from prior financial instability. This incident occurred alongside separate cybersecurity breaches affecting multiple financial and technology firms during the same period.
Description
In October 2015, foreign-exchange broker FXCM suffered a data breach that allowed hackers to initiate unauthorized wire transfers from customer accounts. The company privately notified clients via email about the breach but did not immediately disclose the incident publicly. FXCM advised affected customers to change their account passwords as a precautionary measure. The breach resulted in illegal transactions involving a small number of client accounts, though the company stated all unauthorized transfers were reversed and missing funds fully restored. FXCM confirmed direct communication with all impacted customers regarding these corrective actions. The incident occurred against a backdrop of existing customer dissatisfaction stemming from FXCM's $300 million bailout in January 2015 following losses related to the Swiss Franc revaluation.

The breach's disclosure contributed to an 8% decline in FXCM's stock value after the company eventually issued a public press release about the incident. This financial impact compounded operational challenges for the brokerage, which faced scrutiny over its security practices amid broader cybersecurity failures affecting financial institutions that week. Concurrent breaches included Scottrade's exposure of 4.6 million customer accounts and Experian's loss of data for 15 million T-Mobile clients. Like these contemporaneous attacks, FXCM's incident involved unauthorized access to financial systems, though the company maintained its breach was limited in scope and fully remediated. The cumulative effect of these security failures highlighted systemic vulnerabilities across multiple financial service providers during this period.
