Scottrade, a retail brokerage firm, announced late last week that it suffered an intrusion by cyber hackers who stole client contact information of 4.6 million customers. The intrusion occurred between late 2013 and early 2014 (coincidentally, the same time as the Target intrusion, the Excellus intrusion and others).
Although the hackers reportedly only stole customers’ names and street addresses, and did not have access to Social Security numbers or other sensitive data, Scottrade will offer identity theft protection services to the 4.6 million customers affected by the data breach. Unfortunately, hackers use contact information for fishing expeditions and social engineering strategies.
Scottrade announced the data breach on Friday, October 2nd, and was hit with a proposed class action data breach suit the same day in California federal court. The suit alleges that Scottrade was negligent in failing to exercise reasonable security precautions, and that Scottrade had experienced previous incursions and had been warned that its security measures were inadequate, and failed to heed those warnings.