http://www.theinquirer.net/default.aspx?article=42490 By Nick Farrell 20 September 2007 AMERITRADE IGNORED repeated warnings from an IT insecurity expert starting January 9, 2006, that its systems were being hacked. According to Network World [1], the outfit allowed data to be leaked for more than a year before telling its six million users that they might have been victims. E-mails obtained by Network World show that Ameritrade's security might have been wide open since 2005. However the company ignored the fact that its punters were getting swamped with stock related spam. Last Friday Ameritrade publicly acknowledged that unauthorised code on its systems had allowed certain information stored in one of its databases, including e-mail addresses, to be retrieved by an external source. The security expert who wanted Ameritrade, Joshua Fritsch sent Network World copies of the emails he sent to Ameritrade on January 2006 which warned of the hack. In return, he got a patronising email from Ameritrade back insisting that there was nothing wrong. Ameritrade spinners are still claiming that the outfit did not know that they were being hacked or the scale of the problem. [1] http://www.networkworld.com/community/node/19720 __________________________________________________________________ CSI 2007 is the only conference that delivers a business-focused overview of enterprise security. It will convene 1,500+ delegates, 80 exhibitors and features 100+ sessions/seminars providing a roadmap for integrating policies and procedures with new tools and techniques. Register now for savings on conference fees and/or free exhibits admission. - www.csiannual.com
This archive was generated by hypermail 2.1.3 : Thu Sep 20 2007 - 22:30:05 PDT