by Mike Masnick
Mon, Sep 17th 2007 12:11pm
Late Friday, the news broke that TD Ameritrade is the latest in a long, long, long, long, long list of companies who have leaked data of its customers. In this case (as in many others) it was apparently due to their computers getting hacked. Considering how many similar stories we see, it almost didn't seem worth writing about. However, it appears that Ameritrade was well aware of the hacking long before they disclosed it. According to a lawsuit that was filed months ago, Ameritrade users had been receiving stock spam to unique email addresses provided only to Ameritrade as far back as October of 2006 -- and some of those users had reported this to Ameritrade. Then, back in May, Slashdot ran a detailed piece on the apparent leaking of Ameritrade email addresses, and even questioned why Ameritrade had not disclosed this breach, as is required under California law. The lawsuit, filed at the end of May, questions this as well. Yet, Ameritrade waited until now to disclose that their systems had been hacked, making email addresses available to people. Amusingly, Slashdot's report on this fails to note Slashdot's earlier story that helped spur the lawsuit and apparently pushed Ameritrade to finally investigate the claims. Either way, it raises questions about why Ameritrade waited this long to inform its customers that their emails had been leaked, despite pretty clear evidence of a leak from quite some time ago.
If you liked this post, you may also be interested in...
- T-Mobile Customer Data Leaked By Experian... And Faulty Encryption Implementation
- CIA, FBI And Much Of US Military Aren't Doing The Most Basic Things To Encrypt Email
- Why Backdoors Always Suck: The TSA Travel Locks Were Hacked And The TSA Doesn't Care
- It Only Took GM Five Years To Patch Dangerous Vulnerability Impacting Millions Of Automobiles
- Lionsgate Sues TD Ameritrade For Seven Figures Over Lame Reference To A Dirty Dancing Line