If you've bought shares using retail broker Scottrade in the last few years, you may want to get in touch with the biz because its servers have been plundered by hackers unknown.
The firm only found out about the data breach when the Feds got in contact to let it know. It now appears that 4.6 million customer accounts have been compromised. The IT security breach occurred between "late 2013 and early 2014", and the intruders primarily went after customer names and addresses, we're told.
"Although Social Security numbers, email addresses, and other sensitive data were contained in the system accessed, it appears that contact information was the focus of the incident," the firm said in a statement.
"We have no reason to believe that Scottrade's trading platforms or any client funds were compromised. Client passwords remained fully encrypted at all times and we have not seen any indication of fraudulent activity as a result of this incident. We have secured the known intrusion point and conducted an internal data forensics investigation on this incident with assistance from a leading computer security firm."
If you've used Scottrade to buy stocks since February 2014 you may be receiving a notice from the firm if your account has been compromised. The biz is offering the now-traditional one year of credit protection services, but – based on the information targeted – it's more likely that you'll be deluged with spam.
Scottrade is one of the larger retail brokers out there, and a mailing list of users would be very useful for stock scammers. Expect to get a lot of offers for penny stocks that are about to explode in value, sent by the pump-and-dump merchants, as well as offers for stocks that look too good to be true (hint: they are).
Nevertheless, it's a worrying sign of poor computer security that a company doesn't realize it was hit two years ago and only finds out when the Feds came calling. The IT staff at Scottrade will be getting a boot up the backside from management, one imagines. ®