Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

Hack May Have Hit 4.6 Million Online Brokerage Customers

US online brokerage firm Scottrade said Friday it was notifying some 4.6 million customers about a hack into its database which could have leaked private information.

US online brokerage firm Scottrade said Friday it was notifying some 4.6 million customers about a hack into its database which could have leaked private information.

Scottrade said in a statement it was notified of the incident by US federal officials who “recently informed us that they’ve been investigating cybersecurity crimes involving the theft of information from Scottrade and other financial services companies.”

The company said it believes that “the illegal activity involving our network occurred between late 2013 and early 2014, and targeted client names and street addresses.”

“Although Social Security numbers, email addresses and other sensitive data were contained in the system accessed, it appears that contact information was the focus of the incident,” the statement said.

“We have no reason to believe that Scottrade’s trading platforms or any client funds were compromised.

Client passwords remained fully encrypted at all times and we have not seen any indication of fraudulent activity as a result of this incident.”

Scottrade said it was working with “a leading computer security firm” to assess the impact of the breach and strengthen its network.

It said it was notifying customers of the hack “as a precaution.”

The news comes one day after T-Mobile said 15 million customer records may be been leaked in an attack on credit monitoring bureau Experian, and follows a series of other high-profile incidents involving corporate and government databases.

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.

Register

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.

Register

Expert Insights

Related Content

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Incident Response

Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.

Incident Response

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Incident Response

Implementation of security automation can be overwhelming, and has remained a barrier to adoption