TD Ameritrade received warnings that its data leak disclosed recently in early 2006, indicating the actual leak occurred much earlier.
According to Network World, which obtained emails indicating TD Ameritrade knew of the issue, an IT security expert warned the online broker starting in Jan. 9, 2006.
The warning detailed how the data leak was resulting in a barrage of unwanted spam to customers. TD Ameritrade detailed the breach on Sept. 14, more than 20 months later.
In the Network World report, TD Ameritrade defended the delayed disclosure adding that the company didn't know how information was leaking.
Network World includes the email trail and notes that the lawsuits over the incident may pile up.
One thing is clear: This incident is a definite black eye for a company that had a relatively pristine IT image until now.