I have resisted the pressure to do online banking. Having been in banking and having 44 years of Information Technology (IT) experience, I am not convince that Internet security will soon be “hacker proof”. I was on the team that installed the first ATM in the State of Oklahoma around 1976. I hacked the ATM in a test which would allow me to remove all the cash in the ATM. NCR fixed their bug. Credit card usage allows verification of charges BEFORE payment, not after. That is why I don’t use a debit card.
Below is a prime example of why I don’t trust Internet financial transactions:
An email from Scottrade:
We are writing to share with you important information about a security compromise involving a database containing some of your personal information, as well as steps we are taking in response, and the resources we are making available to you.
Federal law enforcement officials recently informed us that they’ve been investigating cybersecurity crimes involving the theft of information from Scottrade and other financial services companies. We immediately initiated a comprehensive response.
Based upon our subsequent internal investigation coupled with information provided by the authorities, we believe a list of client names and street addresses was taken from our system. Importantly, we have no reason to believe that Scottrade’s trading platforms or any client funds were compromised. All client passwords remained encrypted at all times and we have not seen any indication of fraudulent activity as a result of this incident.
Although Social Security numbers, email addresses and other sensitive data were contained in the system accessed, it appears that contact information was the focus of the incident.
The unauthorized access appears to have occurred over a period of several months between late 2013 and early 2014. We have secured the known intrusion point and conducted an internal data forensics investigation on this incident with assistance from a leading computer security firm. We have taken appropriate steps to further strengthen our network defenses.
What Happens Now
Federal authorities had requested that they be allowed to complete much of their investigation before we notified clients. In coordination with them, we are now able to alert you of this incident. We are fully cooperating with law enforcement in their investigation and prosecution of the criminals involved.
Notices like this one are being sent to all individuals and entities whose information was contained in the affected database, and we have included here information about steps you can take to protect yourself.
Information about this incident is available online at https://About.Scottrade.com/CyberSecurityUpdate, and we will update that web page if new data becomes available.
What You Can Do
As always, we encourage you to regularly review your Scottrade and other financial accounts and report any suspicious or unrecognized activity immediately. As recommended by federal regulatory agencies, you should remember to be vigilant for the next 12 to 24 months and report any suspected incidents of fraud to us or the relevant financial institution. Please also read the important information included on ways to protect yourself from identity theft.
We encourage clients to be particularly vigilant against email or direct mail schemes seeking to trick you into revealing personal information. Never confirm or provide personal information such as passwords or account information to anyone contacting you. Please know that Scottrade will never send you any unsolicited correspondence asking you for your account number, password or other private information. If you receive any letter or email requesting this information, it is fraudulent and we ask that you report it to us at firstname.lastname@example.org. Be cautious about opening attachments or links from emails, regardless of who appears to have sent them.
Identity Theft Protection
As a precaution, Scottrade has arranged with AllClear ID to help you protect your identity at no cost to you for a period of one year. You are pre-qualified for identity repair and protection services and have additional credit monitoring options available, also at no cost to you.
You can call AllClear ID with any concerns about your identity at 855.229.0083. This hotline is available from 8:00 am to 8:00 pm (central) Monday through Saturday.
We have also included additional steps you could consider at any time if you ever suspect you’ve been the victim of identity theft. We offer this out of an abundance of caution so that you have the information you need to protect yourself.
We are very sorry that this happened and for any uncertainty or inconvenience this has caused you. We know that incidents like these are frustrating. We take the security of your information very seriously and are committed to continually strengthening and evolving our defenses based on new and emerging threats.
Brokerage products and services offered by Scottrade, Inc. – Member FINRA and SIPC.