Last week was apparently a dark one for the security world, after TD Ameritrade notified their customers that a security breach
had occurred. With over six million people using their services, all of which were there for financial reasons, it's expected that they might be a high-profile target. The actual break-in occurred several weeks ago, and there is no mention as to why notification was delayed until Friday. The official press release was not issued until today, and brings to light more information about what the notification was for.
In particular, a database containing critical information like addresses and social security numbers was compromised. Ameritrade is saying there is no “evidence” to suggest the information was stolen:
Ameritrade, however, stressed it has no evidence that social security numbers and client demographics, such as date of birth and trading activity information, were retrieved or used to commit identity theft. The company also notes that Ameritrade's user log-ins and passwords were not part of the database.
However, that doesn't mean their customers should rest easy. The official press release, downloadable as a PDF from their site
, they claim a third party company has already complete an investigation and has concluded that no evidence of “identity theft” is present. Still, it would be wise for anyone involved to watch out for phishing attempts as a result of information that may have been pilfered.