Scottrade Client Names Stolen in Online Breach Ending in 2014by
Attack on database with information on 4.6 million clients
Company says no client funds or trading platforms breached
Names and addresses were stolen from a database with information on 4.6 million clients of online brokerage Scottrade Financial Services Inc. in 2013 and 2014, the company said on its website.
The company was told of the breach by federal authorities investigating cyber crimes involving the theft of information at the securities company and other firms, according to the statement. Scottrade said it was notifying clients and beefing up network defenses.
“We’re confident our trading platforms and client funds were not impacted in any way,” Shea Leordeanu, vice president of public relations at Scottrade, said by phone. “We were alerted by federal authorities in late August that this had occurred and initially were asked not to share the information as they wanted to finish their investigation. We are confident we have secured the intrusion point and have further strengthened our network defenses.”
Online intrusions into financial infrastructure are becoming increasingly common. In August, U.S. authorities broke up an alleged insider trading ring that relied on computer hackers to steal press announcements and then profited by trading on the sensitive information before it became public.
More than a dozen U.S. depository institutions reported hacks in 2012 and 2013 that prevented consumers from accessing their websites, according to a Sept. 28 report from Standard & Poor’s. Last year, the personal data of tens of millions of JPMorgan Chase & Co. customers were compromised in a breach. The bank spent $250 million on cybersecurity in 2014 and will increase that to $450 million by next year, S&P said.
“Client passwords remained fully encrypted at all times and we have not seen any indication of fraudulent activity as a result of this incident,” Scottrade said in its statement.