Looks like we’ve had another data breach. TD Ameritrade is now notifying 6.3 million customers. If we use my ridiculously low estimate of $2 per notification, they just erased $12.6M from the books. I can think of a lot of good security technologies (and people) that cost less.
I’m being a bit of an ass and there are probably good people there, but we still can’t excuse these incidents. They’re also doing the right thing and paying for an ID theft investigation on top of their own internal investigations.
According to Dark Reading we know:
The company uncovered the malicious code in one of its databases during an audit, which is part of a stock spam investigation. Sources familiar with the breach said the code is not unlike the code used to steal data on 1.3 million users at Monster.com.
Based on that one line, I’d lay odds on SQL injection. But let’s take a poll (this is really just an excuse to test my new polling system):
TD Ameritrade also said:
The brokerage firm says it is confident that it has identified the method in which the information was stolen and has taken the appropriate steps to prevent it from recurring.
I really hope they release this information to help the rest of us make informed decisions.