Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Hack May Have Hit 4.6 Million Online Brokerage Customers

US online brokerage firm Scottrade said Friday it was notifying some 4.6 million customers about a hack into its database which could have leaked private information.

US online brokerage firm Scottrade said Friday it was notifying some 4.6 million customers about a hack into its database which could have leaked private information.

Scottrade said in a statement it was notified of the incident by US federal officials who “recently informed us that they’ve been investigating cybersecurity crimes involving the theft of information from Scottrade and other financial services companies.”

The company said it believes that “the illegal activity involving our network occurred between late 2013 and early 2014, and targeted client names and street addresses.”

“Although Social Security numbers, email addresses and other sensitive data were contained in the system accessed, it appears that contact information was the focus of the incident,” the statement said.

“We have no reason to believe that Scottrade’s trading platforms or any client funds were compromised.

Client passwords remained fully encrypted at all times and we have not seen any indication of fraudulent activity as a result of this incident.”

Scottrade said it was working with “a leading computer security firm” to assess the impact of the breach and strengthen its network.

It said it was notifying customers of the hack “as a precaution.”

Advertisement. Scroll to continue reading.

The news comes one day after T-Mobile said 15 million customer records may be been leaked in an attack on credit monitoring bureau Experian, and follows a series of other high-profile incidents involving corporate and government databases.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Incident Response

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...

Cloud Security

VMware described the bug as an out-of-bounds write issue in its implementation of the DCE/RPC protocol. CVSS severity score of 9.8/10.