Lincoln National - 2010

Lincoln National Corp. (LNC) last week disclosed a security vulnerability in its portfolio information system that could have compromised the account data of approximately 1.2 million customers. In a disclosure letter sent to the Attorney General of New Hampshire Jan. 4, attorneys for the financial services firm revealed that a breach of the Lincoln portfolio information system had been reported to the Financial Industry Regulatory Authority (FINRA) by an unidentified source. The unidentified source sent FINRA a username and password to the portfolio management system. "This username and password had been shared among certain employees of [Lincoln Financial Services] and employees of affiliated companies," the letter says. "The sharing of usernames and passwords is not permitted under the LNC security policy."UPDATE (2/17/2011): Lincoln National Corporation was fined $600,000 by the Financial Industry Regulatory Authority for failing to adequately protect customer information.  Failing to require brokers working remotely to install security software on personal computers led to the fine.