The Vanguard Group, the world’s largest mutual fund company, has fired a whistleblower who shared information with TheStreet about deficiencies in the company’s customer account security.
Karen Brock, a client relationship administrator in Vanguard’s Scottsdale, Ariz., office, had told me that customers could access their Vanguard accounts even after entering typographical errors in their personal security answers. In my own account at Vanguard, I have repeatedly tested her assertions and found them to be true.
Brock also had detailed the complaints of a customer who said that he had asked his son to mimic his voice to test Vanguard’s “Voice Verification System.” Vanguard’s system allowed the son to gain access to the father’s account, Brock said. She also shared an internal training document where the names, email addresses, phone numbers and account numbers of several current or prospective clients had evaded the redaction process.
You can read my article about Brock’s firing here. You can see the original article that led to the firing here.