AOH :: ISNQ4593.HTM

Ameritrade "knew about data leak for ages"




Ameritrade "knew about data leak for ages"
Ameritrade "knew about data leak for ages"



http://www.theinquirer.net/default.aspx?article=42490 

By Nick Farrell
20 September 2007

AMERITRADE IGNORED repeated warnings from an IT insecurity expert 
starting January 9, 2006, that its systems were being hacked.

According to Network World [1], the outfit allowed data to be leaked for 
more than a year before telling its six million users that they might 
have been victims.

E-mails obtained by Network World show that Ameritrade's security might 
have been wide open since 2005. However the company ignored the fact 
that its punters were getting swamped with stock related spam.

Last Friday Ameritrade publicly acknowledged that unauthorised code on 
its systems had allowed certain information stored in one of its 
databases, including e-mail addresses, to be retrieved by an external 
source. The security expert who wanted Ameritrade, Joshua Fritsch sent 
Network World copies of the emails he sent to Ameritrade on January 2006 
which warned of the hack.

In return, he got a patronising email from Ameritrade back insisting 
that there was nothing wrong.

Ameritrade spinners are still claiming that the outfit did not know that 
they were being hacked or the scale of the problem.

[1] http://www.networkworld.com/community/node/19720 


__________________________________________________________________      
CSI 2007 is the only conference that delivers a business-focused
overview of enterprise security. It will convene 1,500+ delegates,
80 exhibitors and features 100+ sessions/seminars providing a
roadmap for integrating policies and procedures with new tools
and techniques.  Register now for savings on conference fees   
and/or free exhibits admission. - www.csiannual.com 

Site design & layout copyright © 1986-2014 CodeGods