Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
THE ENTERPRISE SECURITY SUPERSITE. UPDATED ABOUT A MINUTE AGO.
You are here: Home / Network Security / Scottrade Breach Hits 4.6M Users
Scottrade Data Breach Hits 4.6M Customers, Contact Info Targeted
Scottrade Data Breach Hits 4.6M Customers, Contact Info Targeted
By Jennifer LeClaire / Enterprise Security Today Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
OCTOBER
05
2015

October is National Cyber Security Awareness Month and it kicked off with the wrong kind of bang as Scottrade announced a security breach. The investment accounts and brokerage services firm published a report about a hack that exposed 4.6 million clients to cybercriminals.

A federal investigation revealed that illegal activity involving its network occurred between late 2013 and early 2014, and targeted client names and street addresses, according to a Scottrade statement. Social Security numbers, e-mail addresses and other sensitive Relevant Products/Services were stored in the breached system, but it appears that the contact information was the hacker’s main focus.

“We have no reason to believe that Scottrade’s trading platforms or any client funds were compromised. Client passwords remained fully encrypted at all times and we have not seen any indication of fraudulent activity as a result of this incident,” the company said in the statement. “We have secured the known intrusion point and conducted an internal data forensics investigation on this incident with assistance from a leading computer security firm. We have taken appropriate steps to further strengthen our network defenses.

This Is Mindboggling

We turned to Mark Bower, global director of product management, enterprise data security for HP Data Security, to get his reaction to the data breach. He told us it’s almost mindboggling that yet another major data breach has been revealed in less than a week. He was referring to news of last week's Experian data breach that exposed 15 million T-Mobile customers to hackers.

“In this case, while the passwords may remain safe, one has to ask if the customers’ personal data was protected in the same manner,” Bower said. “With the available technologies today to protect sensitive data very easily and quickly, it’s a simple matter to cover all sensitive databases to protect consumer trust and satisfaction.”

Bower said it’s important that businesses follow best practices of encrypting all sensitive and regulated data as it enters their ecosystems, and have the protection follow the data at rest, in use and in motion. He said this is especially urgent in the financial services industry and with data processors.

New Table Stakes ‘Take’

Casey Ellis, CEO of Bugcrowd, a firm that helps organizations like Pinterest, Telsa and Western Union run crowdsourced security programs, told us he’s watching one thing closely: a trend away from credit card data -- or the table stakes "take" of the cybercriminal -- toward personal data.

“There has been a shift in targeting, which to me signals a shift in the way criminals are calculating their return on investment in these hacks,” Ellis said. “It also indicates that criminals are becoming more efficient in capitalizing personal data, which is interesting, too. Extracting a gain from personal information at scale is far more cumbersome than pulling money from a stolen credit card."

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
MORE IN NETWORK SECURITY
ENTERPRISE SECURITY TODAY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.