TD Ameritrade issued a press release Friday with another nugget of information in it.

TD AMERITRADE Holding Corporation (NASDAQ:AMTD) has discovered and eliminated unauthorized code from its systems that allowed access to an internal database. The discovery was made as the result of an internal investigation of stock-related SPAM.

Making conclusions off press releases and news articles is a fool’s exercise, but I’m a fool and I like to exercise. This tidbit could indicate malware, possibly from an endpoint. The focus on SPAM also seems to support more of a malware than SQL Injection.

Either way, don’t forget to check out our survey and make your own best, uninformed, guess.

On the bright side, it looks like they are handling the situation aggressively, notifying early, and so far the focus is on email addresses, not financial info.