In particular, a database containing critical information like addresses and social security numbers was compromised. Ameritrade is saying there is no “evidence” to suggest the information was stolen:
Ameritrade, however, stressed it has no evidence that social security numbers and client demographics, such as date of birth and trading activity information, were retrieved or used to commit identity theft. The company also notes that Ameritrade's user log-ins and passwords were not part of the database.
However, that doesn't mean their customers should rest easy. The official press release, downloadable as a PDF from their site, they claim a third party company has already complete an investigation and has concluded that no evidence of “identity theft” is present. Still, it would be wise for anyone involved to watch out for phishing attempts as a result of information that may have been pilfered.