[NYTr] TD Ameritrade Database Hacked, Customer Info Stolen

[All the News That Doesn't Fit]

AP via CNBC - Sep 14, 2007
http://www.cnbc.com/id/20775257

TD Ameritrade Hacked; Customer Info Stolen

By AP 14 Sep 2007 

Online brokerage TD Ameritrade Holding AMTD said Friday one of its
databases was hacked and contact information for its more than 6.3
million customers was stolen.

A spokeswoman for the Omaha-based company said more sensitive
information in the same database, including Social Security numbers and
account numbers, does not appear to have been taken.

The company would not share many details of its investigation,
including when the hack took place, because it is still looking into
the theft and cooperating with investigators from the FBI, Securities
and Exchange Commission, Financial Industry Regulatory Authority and
local authorities.

Ameritrade's customers have received unwanted e-mail ads because of the
data theft. Spokeswoman Katrina Becker said there is no evidence that
any customer suffered financial losses or was a victim of identity
theft.

Becker would not say why the company was confident Social Security
numbers had not been taken.

Other Ameritrade databases where information such as passwords, user
IDs and personal identification numbers are kept were not violated, the
company said.

Ameritrade plans to notify its customers about the data theft Friday,
and the brokerage posted information about it on its Web site.

"While the financial assets our clients hold with us were never
touched, and there is no evidence that our clients' Social Security
Numbers were taken, we understand that this issue has increased
unwanted SPAM, which is annoying and inconvenient for them," Chief
Executive Joe Moglia said in a statement. "We sincerely apologize for
that and any added concern this may have caused."

Ameritrade is telling customers they don't need to do anything with
their accounts except "remain alert in guarding their personal
information." The company's asset-protection guarantee would cover any
losses in Ameritrade accounts because of identity theft or fraud.

Ameritrade said it is confident that it identified how the information
was stolen and has changed its computer code enough to prevent the
theft from recurring. It said any new client who opened an account
after July 18 was not affected.

Ameritrade discovered the breach in its system during a routine review
of complaints about e-mail ads and repaired it only recently,
spokeswoman Kim Hillyer said. But the company's investigation was able
to determine that the database had not been hacked after July 18.

"As soon as we found the issue and were able to stop it, we made plans
to notify clients," Hillyer said.

Ameritrade hired ID Analytics, which has expertise in identity theft,
to help with the investigation, and it plans to con

© 2007 The Associated Press.