?

Log in

[icon] Ameritrade admits to security breach - Patti
View:Recent Entries.
View:Archive.
View:Friends.
View:Profile.
View:Website (pattib.org).

Security:
Subject:Ameritrade admits to security breach
Time:01:11 pm
I've written a few times about my Ameritrade email addresses being leaked. I got this today:

From: TD AMERITRADE
Subject: Important information about your TD AMERITRADE account

TD AMERITRADE

September 14, 2007

You do not need to make any changes to your TD AMERITRADE accounts or to
change the way you do business with us.
Dear (me),

Let me tell you why I am sending you this email. While investigating client
reports about the industry-wide issue of investment-related SPAM, we recently
discovered and eliminated unauthorized code from our systems. This code
allowed certain client information stored in one of our databases, including
email addresses, to be retrieved by an external source.

Please be assured that UserIDs and passwords are not included in this
database, and we can confirm that your assets remain secure at TD AMERITRADE.

What we want you to know:

* Once we discovered the unauthorized code, we took immediate action to
eliminate it. We are confident that we have identified the means by which
the information was accessed and have taken appropriate steps to prevent
this from reoccurring.
* You continue to be covered by our Asset Protection Guarantee, which
protects you and your assets from any unauthorized activity that may occur
in your account through no fault of your own. If you lose cash or
securities as a result of such activity, we will reimburse you for the
cash or shares of securities you lost.

While Social Security Numbers are stored in this particular database, we have
no evidence to establish that they were retrieved or used to commit identity
theft. To further protect you, we have hired ID Analytics, which specializes
in identity risk, to investigate and monitor potential identity theft. ID
Analytics provides identity risk services to many of the country's largest
banks and telecommunication companies, as well as government agencies.
Following its initial evaluation, ID Analytics found no evidence of identity
theft as a result of this data breach. We will retain its services on an
ongoing basis to support your TD AMERITRADE accounts and to monitor for
evidence of identity theft. We will alert and advise you if any is found. As
always, we encourage you to remain alert in guarding your personal
information, regularly review your account statements and monitor your credit
activity from the major reporting agencies.

For more information on protecting yourself against the possibility of
security threats, please visit our online Security Center.

We sincerely apologize to you for this situation and want to assure you that
protecting the security and privacy of your assets and information remains a
top priority. We have made and will continue to make significant investments
in security software, systems and procedures, and we will remain vigilant
about protecting you.

We want to answer any questions and address any concerns that you may have
about this matter. For more information, including a list of Frequently Asked
Questions (FAQs) and an additional message from me, please go to www.amtd.com
or contact Client Services. Please note that we are anticipating increased
call volume during this period, which may lead to long wait times. We
encourage you to review the FAQs and, if you have a question, to log on to
your account and send us a secure email. Once again, please be assured that
your assets are secure at TD AMERITRADE.

Sincerely,
Joe Moglia
CEO
TD AMERITRADE
-----------------------------------------------------------------

TD AMERITRADE understands the importance of protecting your
privacy. We are sending you this notification to inform you of
important information regarding your account. If you've elected
to opt out of receiving marketing communications from us, we will
honor your request to unsubscribe from future emails now.

TD AMERITRADE, Inc., member FINRA/SIPC. TD AMERITRADE is a
trademark jointly owned by TD AMERITRADE IP Company, Inc. and The
Toronto-Dominion Bank. (c) 2007 TD AMERITRADE IP Company, Inc.
All rights reserved. Used with permission.

Distributed by: TD AMERITRADE, Inc., 1005 North Ameritrade Place,
Bellevue, NE 68005

Given that this has been happening for a year now, I'm less than impressed by the whole thing. Oh yeah... your social security number was in the breached database, but don't worry about that at all. Mmmm hmmm.
comments: Leave a comment Previous Entry Share Next Entry


allknight
Link:(Link)
Time:2007-09-15 04:56 pm (UTC)
I got this same email Patti, this country really needs to do more about identy theft period!
(Reply) (Thread)


allknight
Link:(Link)
Time:2007-09-15 04:57 pm (UTC)
Whoops I should have added that this doesn't mean I am not a little pissed at TDAmeritrade too though...
(Reply) (Thread)


whipartist
Link:(Link)
Time:2007-09-15 05:00 pm (UTC)
Not nearly as pissed as I am. I have hard evidence that this started in December of 2005 or earlier. I personally reported it to them twice-- August of last year and April of this year.
(Reply) (Parent) (Thread)


allknight
Link:(Link)
Time:2007-09-15 05:05 pm (UTC)
Sounds like criminal negligence Patti. So do you do anything extra personally to protect your identity?
(Reply) (Parent) (Thread)


whipartist
Link:(Link)
Time:2007-09-17 07:14 am (UTC)
Sorry I didn't answer yesterday, but I haven't been home.

What I do in a nutshell: nothing. What I do in a slightly larger shell: keep a mild eye on my credit reports, cross my fingers.
(Reply) (Parent) (Thread)


allknight
Link:(Link)
Time:2007-09-17 07:41 am (UTC)
Thanks for your reply, I pretty much have done the same or very similar.
(Reply) (Parent) (Thread)


adbjupe
Link:(Link)
Time:2007-09-16 01:43 am (UTC)
I am missing this line:
In order to ensure the continued safety of your account, please change your password here: http://www.ameruskitrade.com/new-password
(Reply) (Thread)


whipartist
Link:(Link)
Time:2007-09-17 07:15 am (UTC)
Yeah, one would think. As it turns out, it was a 100% legit announcement. It's actually from Ameritrade, and I've personally experienced email address leaks from this breach.
(Reply) (Parent) (Thread)

[icon] Ameritrade admits to security breach - Patti
View:Recent Entries.
View:Archive.
View:Friends.
View:Profile.
View:Website (pattib.org).