John, found it:
Gottfried had posted the article here: Message 21498113
( All the brokerage firms should use encryption technology. )
financialcryptography.com
George's story - watching my Ameritrade account get phished out in 3 minutes
On the morning of May 5 2005, I decided to work from home [writes George Rodriguez in a great expose of how phishing is spreading through American retail finance].
As I'm checking emails I start receiving email notifications from my on-line broker Ameritrade. The email notifications kept coming one after the other, you just sold out of Duke, you just sold out of Home Depot, you just sold out of Ford, I watched on my screen as the flurry of emails kept coming across my screen, pretty much my entire portfolio of Stocks was being sold out right before my eyes. I took notice of the time when I received the first email confirmation, it was 9:31AM and as you know the equity market opens up at 9:30AM. My heart was racing, I was stunned and I said to myself this can be happening to me, I'm a business and technology savvy as I've worked for major investment banks and brokers as a consultant in the areas of technology trading for equity and fixed income markets.
I looked at my watch and it was now 9:34AM, it seemed like hours have gone by. I picked up the phone and called Ameritrade and spoke to a client-rep and walked him through the entire activities to my account. As I'm the phone with the client rep, I continue to get more email notifications selling out more stocks in my portfolio. I also noticed an email that was sent to me by Ameritrade, you requested and have changed your primary email address to some hotmail address I did not recognize, the interesting piece of information on the email was the time it was sent, 4:45AM. I quickly related this information to the client rep and asked him what bank information he had on file. He went on to say, you requested to have your bank account changed from Wachovia bank to Bank of America in Dallas Texas. I said well let's get on the phone with Bank of America and see who's behind the account. Well Ameritrade said we can't do that. I said wait a minute, someone is committing bank fraud, internet fraud as we speak and you can't represent me your client? No sir the client rep responded
Message 21250790
AMERITRADE loses customer ACCOUNT info
As many as 200,000 current and former customers' personal information is unACCOUNTed for.
April 20, 2005: 12:58 PM EDT
NEW YORK (CNN) - AMERITRADE said Tuesday ACCOUNT information may have been lost for up to 200,000 customers when a package containing tapes with back-up information on customer ACCOUNTs went missing.
Message 21301280
Backups tapes a backdoor for identity thieves
In many cases, low paid workers are handling sensitive tapes, but only a small fraction of companies are securing the data with encryption.
By Robert Lemos, SecurityFocus Apr 28 2005 2:26PM
securityfocus.com
Large companies are reconsidering their security and backup policies after a handful of financial and information-technology companies have admitted that tapes holding unencrypted customer data have gone missing.
Last week, trading firm AMERITRADE acknowledged that the company that handles its backup data had lost a tape containing information on about 200,000 customers. |
