http://www.theglobeandmail.com/servlet/story/LAC.20070828.RTRADEFREEDOM28/TPStory/Business By Roma Luciw August 28, 2007 Online broker TradeFreedom Securities Inc. has quietly notified an unidentified number of its customers that a computer security breach has compromised some of their personal information, potentially exposing them to fraud. In what it described as a follow-up to an Aug. 17 notice to clients, it said in a Friday e-mail that it had finished its investigation into the "recent unauthorized intrusion" of one of its computer systems. "We have subsequently determined that, despite our security systems in place at the time, this unauthorized intrusion has also resulted in the compromise of some of your personal information," TradeFreedom said. "This information is your name, social insurance number, city, province and postal code." Citing a continuing police investigation by the Sret du Qubec, TradeFreedom president Bruce Seago said he could not release any details about the nature or timing of the computer security breach. "We are dealing with our customers on a case-by-case basis and communicating directly with them based on how they have been impacted, if at all, by this situation. Not all of our customers have been," he said, adding that "not every single customer was impacted in the exact same way." TradeFreedom's investigation has not found any evidence that client's accounts and assets have been compromised. "None of our customers have suffered a financial loss as a result of this." The online broker said it has deleted personal customer data from the affected computer system, which it described as secondary and not the one their clients trade on. The Bank of Nova Scotia agreed to buy the Montreal-based firm on June 26, a deal that has not yet closed. Colin McKay, a spokesman at the federal Office of the Privacy Commissioner of Canada, said the commission is "concerned" with the breach. "You would expect an online business, especially a securities business, to have the highest level of security," he said. TradeFreedom reported the incident to the commission last week. The privacy commissioner is now waiting for more details on what exactly happened and what steps the broker is taking to remedy the situation. So far, one person has called about the breach. "One complaint or one comment from a consumer is enough for us to start looking into it and ask them for more information," Mr. McKay said. "Depending on the information they give to us, we may very well launch a commissioner-initiated complaint or investigation." TradeFreedom's website had no mention of the security breach Monday, although the client e-mail provided customers with a link to information on how to minimize the risk of identity theft. The company is also offering its customers a one-year subscription to an electronic credit monitoring service. ____________________________________ Attend HITBSecConf2007 - Malaysia Taking place September 3-6 2007 featuring seven tracks of technical training and a dual-track security conference with keynote speakers Lance Spitzner and Mikko Hypponen! - Book your seats today! http://conference.hitb.org/hitbsecconf2007kl/
This archive was generated by hypermail 2.1.3 : Tue Aug 28 2007 - 22:23:46 PDT