Scottrade announced on Friday that it was a victim of a cyber attack from late 2013 to early 2014 that compromised client names and addresses in a database with information on approximately 4.6 million customers. Scottrade found out about this attack from federal law officials who were investigating the theft of data from financial service firms. To this point, no other online brokers have announced similar issues in regards to this investigation.
Scottrade said in a note on their site, “Although Social Security numbers, email addresses, and other sensitive data were contained in the system accessed, it appears that contact information was the focus of the incident.” They also said they have no reason to believe client funds or any of the Scottrade trading platforms had been compromised during this attack. About what they have done Scottrade says, “We have secured the known intrusion point and conducted an internal data forensics investigation on this incident with assistance from a leading computer security firm. We have taken appropriate steps to further strengthen our network defenses.”
As a precaution Scottrade has directly notified those clients whose information was targeted in the database, and those clients will be offered identity protection services for a year free of charge.
All client passwords remain encrypted. While the company isn’t necessarily requiring customers to change their passwords, it’s a good idea to periodically to change them.
For the full cyber security note from Scottrade click here.