an unauthorized third-party gained access to two customer accounts and obtained private information

I’m guessing this is similar to the InfoSys McCamish breach earlier this year (mentioned in the article), so Fidelity itself probably wasn’t breached, it’s probably things like 401k accounts and whatnot at large-ish customers.

As a Fidelity customer, I’ve been pretty happy with their level of security. They’re one of the few financial institutions that supports app-based TOTP MFA (SymantecVIP), and they have some other tech as well to protect those who don’t use that option. So hopefully this is a nothing story.