[ISN] LPL to pay $275K fine for hacking incidents

From: InfoSec News <alerts_at_private>
Date: Wed, 17 Sep 2008 02:04:45 -0500 (CDT)
http://www.investmentnews.com/apps/pbcs.dll/article?AID=/20080915/REG/309159969

By Sara Hansard
Investment News
September 15, 2008 

LPL Financial has agreed to pay a $275,000 penalty for violating 
customers' privacy, the Securities and Exchange Commission said 
Thursday.

In July 2007, at least 10,000 customers were left vulnerable to identity 
theft following a series of hacking incidents into Boston-based LPL's 
online trading platform as a result of the brokerage firm's failure to 
adopt policies and procedures to safeguard customers' personal 
information, the SEC said in a statement (InvestmentNews, July 8).

LPL, which has more than 1 million customer accounts, agreed to pay the 
fine without admitting or denying the findings.

In mid-2006, LPL conducted an internal audit that identified inadequate 
security controls at its branch offices and specifically identified a 
risk from hacking, according to the SEC. But LPL failed to take timely 
corrective action, the SEC said.

[...]


__________________________________________________      
Register now for HITBSecConf2008 - Malaysia! With 
a new triple-track conference featuring 4 keynote 
speakers and over 35 international experts, this 
is the largest network security event in Asia and 
the Middle East! 
http://conference.hackinthebox.org/hitbsecconf2008kl/
Received on Wed Sep 17 2008 - 00:04:45 PDT

This archive was generated by hypermail 2.2.0 : Wed Sep 17 2008 - 00:39:20 PDT