- REUTERS/Sarah Conard
Retail brokerage Scottrade was a victim of a cyberattack.
The attack, which lasted from late 2013 to early 2014, affected a system that had data on 4.6 million clients, according to a press release from the brokerage.
“We have no reason to believe that Scottrade’s trading platforms or any client funds were compromised,” Scottrade said in the statement.
“Client passwords remained fully encrypted at all times and we have not seen any indication of fraudulent activity as a result of this incident.”
The attack appears to have been aimed at stealing client names and street addresses, according to the release.
Scottrade is notifying and offering identity protection services to the roughly 4.6 million clients whose information was in the targeted database.
Here’s the full press release:
Federal law enforcement officials recently informed us that they’ve been investigating cybersecurity crimes involving the theft of information from Scottrade and other financial services companies. Based on our investigation and information provided by federal authorities, we believe the illegal activity involving our network occurred between late 2013 and early 2014, and targeted client names and street addresses. Although Social Security numbers, email addresses and other sensitive data were contained in the system accessed, it appears that contact information was the focus of the incident. We have no reason to believe that Scottrade’s trading platforms or any client funds were compromised. Client passwords remained fully encrypted at all times and we have not seen any indication of fraudulent activity as a result of this incident. We have secured the known intrusion point and conducted an internal data forensics investigation on this incident with assistance from a leading computer security firm. We have taken appropriate steps to further strengthen our network defenses. As a precaution, however, we are directly notifying and offering identity protection services to approximately 4.6 million clients whose information was in the targeted database. We take the security of the information entrusted to us very seriously and are fully cooperating with law enforcement in its investigation and efforts to bring the perpetrators to justice.