EmailSafety.net - Caught with their breaches down

Caught with their breaches down

Anti-Spam Software

What is Spam?

Spam Laws

Spam Facts

User Tips

Common Email Scams

What Are Visuses?

Virus Prevention Tips

Anti-Virus Software

Basic Tips

Community

You have less than 24 hours to win $10,000 from Cisco

No pastures yet for retiring Cisco CFO Dennis Powell

Jeff Spagnola wrote first post in the new Cisco service provider blog

All security forums

Story tools

Sponsored by:

E-Mail article
Print article
Contact author	Reprint
AIM article	del.icio.us
Reddit	Digg
Stumble	Slashdot It!

The company says it will sign its customers up for the service on an exception basis -meaning they don’t automatically get it - but it doesn’t advertise this option in any of the literature it has put out concerning the data compromise.

New! Watch this Network World Webcast - Security Information Management Solutions: Beyond Threat Management

By contrast, in its initial August notification letter about a stolen laptop that contained sensitive employee data, AT&T offered employees a free, one-year credit-watch service.

This is just one aspect of how Ameritrade is handling the data breach that rankles its customers. “They could say, 'We've done everything we can to protect you, but because we don't want to take any chances with our very valuable customers, we're going to offer you this triple protection,'” says David O’Berry, an Ameritrade customer who went through multiple rounds of e-mails before finally the company told him about the credit watch.

O’Berry, the IT director for South Carolina’s Department of Probation, Parole and Pardon, is also worried that what he has been able to learn about the incident and the subsequent investigation is that it is inconclusive. That leaves him uncomfortable.

Ameritrade told its customers Sept. 14 that it had discovered unauthorized code in its systems that allowed outsiders to retrieve data from client databases. It has hired ID Analytics to do a forensic investigation of the intrusion.

Ameritrade says it knows that names, addresses, phone numbers, e-mail addresses and miscellaneous trading information such as the number of trades placed by a particular person over a given period, but not what particular shares were bought or sold.

The company says it knows for sure that Social Security numbers for some of its clients - those acquired from TD Waterhouse - were not taken, and it doesn’t know about the rest. But a spokeswoman says that as forensics consultants wade further back in time through the database, they will be able to say for sure whether the rest of the Social Security numbers were accessed.

1 | 2 | 3 | Next >

Recent News:

· McColo takedown: Vigilantism or Neighborhood Watch?
· Spam drop could boost Trojan attacks
· Hosting firm shutdown forces botnets to relocate
· ISP cut off from Internet after security concerns
· Spam plummets after hosting service shuttered

Site Map | Recent News | Related Sites

Other stories on this topic

Community

Story tools

Sponsored by: