TD Ameritrade discovers database breach

Summary:Online broker TD Ameritrade said Friday that it has discovered a database breach that compromised customer accounts. In a statement, TD Ameritrade said it "discovered and eliminated unauthorized code from its systems that allowed access to an internal database.

Online broker TD Ameritrade said Friday that it has discovered a database breach that compromised customer accounts.

In a statement, TD Ameritrade said it "discovered and eliminated unauthorized code from its systems that allowed access to an internal database." TD Ameritrade found the breach as it was investigating stock-related spam.

Disclosure: I have more than a passing interest in this since I'm a TD Ameritrade customer.

Here's what TD Ameritrade's analysis revealed:

  • Assets are safe since user IDs, personal identification numbers and passwords were kept in a separate database;
  • Email addresses, names, addresses and phone numbers were taken. This fact explains why TD Ameritrade was investigating a bunch of spam complaints;
  • Account numbers, date of birth and Social Security numbers were in the breached database but not taken.

CEO Joe Moglia apologized for the unwanted spam and said there was "no evidence" that sensitive data was taken. TD Ameritrade also hired ID Analytics to monitor for potential identity theft.

The company also said that clients don't have to do anything special other than monitoring their personal information.

Update:  TD Ameritrade is seeing heavy call volume over this issue. The log-in screen gives you the following message:

For more information regarding the recent communications about the SPAM investigations, please go to www.amtd.com. You'll find our Frequently Asked Questions and see a message from our CEO, Joe Moglia. If you would like to discuss this with one of our representatives, please feel free to send us an email or give us a call. We are anticipating higher than normal call volumes, so you may experience longer than normal hold times.

Further comment from Michael Krigsman.

Topics: Software, Security

About

Larry Dignan is Editor in Chief of ZDNet and SmartPlanet as well as Editorial Director of ZDNet's sister site TechRepublic. He was most recently Executive Editor of News and Blogs at ZDNet. Prior to that he was executive news editor at eWeek and news editor at Baseline. He also served as the East Coast news editor and finance editor at CN... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.