Scottrade suffers hack; 4.6M customers notified of breach

The brokerage firm confirmed the attack, but said the focus of the attack was client contact details rather than financial information.

Retail brokerage firm Scottrade confirmed Friday it fell victim to a cyberattack two years ago.

In a brief statement on its website, the Missouri-based company said it was informed by federal law enforcement of "illegal activity involving our network" that occurred between late-2013 and early-2014.

Over 90 percent of data breaches in first half of 2014 were preventable

Over 90 percent of data breaches in first half of 2014 were preventable

Read More

"Although Social Security numbers, email addresses and other sensitive data were contained in the system were accessed, it appears that contact information was the focus of the incident," the statement read.

As many as 4.6 million clients, whose contact information is thought to have been taken, are being notified by the brokerage firm.

Financial information, such as client funds or trading platforms, are not said to have been compromised, the company said.

Passwords were also encrypted, but it's not clear which cryptography -- some of which are widely considered deprecated -- was used by the company.

A Scottrade spokesperson was not immediately available by email, but said in a statement to journalist Brian Krebs, who first reported the breach, that the focus of the attack was "a list of client names and street addresses" that was taken from its systems.

Krebs hypothesized that the stolen contact to facilitate stock scams by way of spam emails.

It's the third such cyberattack reported this week, following Patreon's hack and subsequent data dump, and the theft of millions of T-Mobile customer records from credit firm Experian.

Show Comments