Scottrade reveals data breach affecting millions of users

This past Friday, Scottrade announced that it had suffered a data breach potentially affecting millions of users. The breach happened some time between the end of 2013 and the beginning of 2014, possibly affecting users who opened an account before February of last year. In a statement, the company revealed that it appeared only contact data was targeted in the breach — names and home addresses, namely. Concerns abound that the hackers may use the stolen data to manipulate stocks.

According to a statement posted on its website, Scottrade was made aware of the data breach via federal law enforcement officials who have been probing data theft from financial services, including Scottrade. Once it was notified, Scottrade began its own investigation, and combined with the details it received from the government, the company states that the hack happened in 2013/2014.

The database that was compromised contained social security numbers, email addresses, and other customers data of a "sensitive" nature, but Scottrade says it believes that contact information was the "focus of the incident." The company doesn't believe any funds were stolen. Passwords were/are encrypted, it says, and nothing fraudulent has been found since the hack.

A total of 4.6 million clients had their data in the database, and as a precaution, Scottrade says it is notifying all of those users. It also says it has boosted its network security, and it is working with law enforcement as the investigation continues. The company is also offering affected users a year of AllClear ID protection services to help ensure against fraud.

SOURCE: Wall Street Journal