By Nick Farrell
20 September 2007
AMERITRADE IGNORED repeated warnings from an IT insecurity expert
starting January 9, 2006, that its systems were being hacked.
According to Network World , the outfit allowed data to be leaked for
more than a year before telling its six million users that they might
have been victims.
E-mails obtained by Network World show that Ameritrade's security might
have been wide open since 2005. However the company ignored the fact
that its punters were getting swamped with stock related spam.
Last Friday Ameritrade publicly acknowledged that unauthorised code on
its systems had allowed certain information stored in one of its
databases, including e-mail addresses, to be retrieved by an external
source. The security expert who wanted Ameritrade, Joshua Fritsch sent
Network World copies of the emails he sent to Ameritrade on January 2006
which warned of the hack.
In return, he got a patronising email from Ameritrade back insisting
that there was nothing wrong.
Ameritrade spinners are still claiming that the outfit did not know that
they were being hacked or the scale of the problem.
CSI 2007 is the only conference that delivers a business-focused
overview of enterprise security. It will convene 1,500+ delegates,
80 exhibitors and features 100+ sessions/seminars providing a
roadmap for integrating policies and procedures with new tools
and techniques. Register now for savings on conference fees
and/or free exhibits admission. - www.csiannual.com