14 DAY TRIAL // Now, here's a bizarre case of data breaching for you. The TD Ameritrade Company had a huge database with sensitive information belonging to clients. And when I say huge, I mean 6.3 million accounts. Hackers broke into it using the classic backdoor tactic, so what was weird in that? Well, the fishy part was that they didn't actually steal all the data that was available to them. They just retrieved info such as e-mail addresses, names, street addresses and phone numbers. That all means to me - huge spam campaign on the way! More sensitive info, such as account numbers, date of birth and social security numbers have not been acquired. They were stored in the database, but apparently, the hackers just browsed those, without retrieving them.
"While the financial assets our clients hold with us were never touched, and there is no evidence that our clients' Social Security Numbers were taken, we understand that this issue has increased unwanted SPAM, which is annoying and inconvenient for them," said Joe Moglia, chief executive officer. "We sincerely apologize for that and any added concern this may have caused."
"Following our thorough analysis, we found no evidence of identity theft related to TD AMERITRADE clients as a result of this issue," said Mike Cook, chief operating officer of ID Analytics, Inc. "In our opinion, TD AMERITRADE is applying proven measures and technologies to help protect its clients from identity theft." So this just backs up my opinion of a spam campaign being imminent.
Of course, this is not something new in the IT world, security breaches happen every day. Not to the same company, of course, but data leaks occur all around the world even as we speak. What surprised me this time is that the hackers have not taken full advantage of the firm's situation. They could have done a lot more damage, but they limited themselves to this.