This page has been archived and commenting is disabled.
Scottrade Compromised - Unauthorized Epsilon Access
No worries, only your email has been hacked this time. Your birthdate, address, social security, account and portfolio info are perfectly safe. "We want to assure you that Scottrade's systems were not affected and your account information remains secure." Sit back, put your feet up Scottrade is on it. Anonymous is that you?
From Scottrade:
»
- advertisements -
TD Ameritrade clients also hit with the alleged hack. Just got a notice today. According to the TD Ameritrade letter, it implied clearly that epsilon did not have Social Security Numbers and account balances, which probably means it does.
------------------
We recently posted a security message on the home page of our Web site. However, we wanted to contact you directly, in case you have not logged on to your account over the past few days. Epsilon, one of our marketing vendors, has informed us that an unauthorized party has accessed its files, which include some TD Ameritrade client names and email addresses.
What you need to know
•
Epsilon does not have TD Ameritrade client financial information or Social Security
Numbers and has informed us that only client names and email addresses
were acquired.
•
It is possible that the unauthorized person might send spam or try to use this
information to obtain more sensitive information, a process known as phishing.
Please be aware that TD Ameritrade will never ask you via email for your
account number, UserID, PIN or password.
•
This has affected other companies in the financial and retail sectors as well.
We want you to know that we take the security of our client accounts very seriously and are sorry for any potential inconvenience this situation may cause you.
If you have questions, you can learn more about this situation. For additional inquiries, please log on to your account and click "Message Center" (under Home) to write us. A representative will respond to your query through your Message Center inbox. You can also call Client Services at 800-669-3900. We're available 24 hours a day, seven days a week
TIAA-CREF got hit too, they sent out an email yesterday.
"Your full name and email address were compromised but not your account data."
I'll be fine - but a lot of the PhD's I work with will be easy marks.
this doesn't sound like a big deal.
something happened. people think they know what.
they do not know who. they do not know why.
apparently, except in rare case, this info is never found out, or available.
if i have info about myself everywhere. how can this info be stolen? oh! someone who wasn't 'authorized' got my information. really? imagine that!
Never believe the official story.
If they're saying your personal info is not compromised, that means it is. Or worst they have no idea what's going on.
My pin number? It's 0735, why?
I wonder if this has occoured to anyone, i didn't take time to read all
the comments, but what do you expect to happen when facebook and
others ask for your email address and PASSWORD. I mean really, are
these people that stupid, not to think, that once they get into your email
account that won't give (insert evil villian here) them a better profile of
who you are that the patriot act could have ever conceived with their
profiling agenda..... LETS JUST SEE HOW DUMB THEY REALLY ARE....
Can I have your Password, we'll never use it for anythin else other than
to connect the dots of your daily life....
I wanna PUKE!
Who remembers Roger Bannister? He famously broke the 4 minute mile barrier. The significance beyond the achievement is it made others aware it was possible and the barrier was quickly broken by many others.
This brings us to Stuxnet. The hack program credited with damaging Iran's nuclear program. Beyond it's achievement, it made all other hackers aware of an entirely new means of hacking and this massive breech may be just a sign of things to come.
I know I've made some very poor decisions recently, but I can give you my complete assurance that my work will be back to normal. I've still got the greatest enthusiasm and confidence in the mission. And I want to help you.
So you mean that email i received from my long lost uncle in zimbabwe trying to give me my entitled fortune of 7,000,000 dollar is a fake ? Now I'm going to have to stop payment on that $1,000,000 check !
Simlar notice from HealthNet a week or so ago, only it advised that pretty much everything was compromised...personal, financial and medical.
i already received about 10 of these emails from different companies.....i hope the hacks all start blowing thru my credit cards as i want to join in the fun and let make the banks take the loss
Never believe the official story.
Actually there's more to it, not just using credit cards to buy goods.
The hackers will lay low for a year or longer. They know people will contact credit bureaus for a 3-month "credit watch. "
Later on, they'll use your information to open credit accounts. By the time you figured out you've been punked you'll be left with a bitch of a credit mess to fix.
It'll not affect banks. It'll affect the consumer.
Epsilon manages emails for ~2500 companies. Lots of people got similar letters.
http://www.itnews.com.au/News/253712,epsilon-breach-used-four-month-old-...
Cloud computing anyone? Bad enough using your own storage/memory but paying an outfit to store all your info! I don't think so!
I see somebody also posted the Marriott letter. I also received one from Hilton Hotels.
TD Ameritrade had the same message up yesterday
Add in Bank of USSAmerica to this list
I closed my account out some time ago and still got the notice. Apparently they don't remove your information after you are no longer a customer.
That's correct. A few years ago laptops were stolen from Towers Perrin (big consulting firm) containing retirement data from Prudential Financial current and former employees.
To save money Prudential outsourced this job to these clowns.
Obviously, they tried to keep it all hush hush, and didn't contact the affected former and current employees months after the event.
I got this from Disney as well.
This was news... yesterday. I mean, it was in the MSM headlines yesterday. Catch up slackers.
delete/duplicate
I wonder why they didn't send it out to everybody? I have an IRA with Scottrade and I didn't recieve a notice form them.
Thanks to my dad, who hurls the term around in a derogatory manner, the 'Brave New World' definition of "Epsilon" springs to mind here.
Pre-2009 I worked for a firm whose parent was one of those moron TBTF banks that made it's employees go through endless and continual "compliance" red tape (which didn't prevent executives from engaging in all kinds of crooked, illegal and stupid activities).
Every month, every quarter, every new year: form signing, continuing education on-line programs, meeting attendance - endless bullshit essentially.
Anyway, one day we get this email that the bank's retirement services division left a few crates of paperwork on a loading dock (which then vanished) - chock full of employee SS#s, pass codes, account numbers etc. And for a fee (a fee!) we could elect to engage the services of a third party data security firm to "take action" to help prevent....something. Have a nice day!
Needless to say, when this TBTF bank blew up and it's stock went to the pink sheets it was in "full compliance" the entire time.
Epsilons indeed.
last week I moved, changed residences.
At the old address I left out for the trashmen
a nice old chinese abalone-inlay table,
some decent-looking mass-produced african prints in good frames,
and a black plasitc bag of garbage, table scraps and junk mail.
I burn all my personal papers in the fireplace.
before the garbage truck arrived,
someone stole the black plastic bag.
hmm.....
At my biz, we shred everything. And have a chain on top of the dumpster, as our 'trash' was being stolen. And people would put THEIR trash into it.
You can burn, shred all you want. Do you think you're safe?
The info is in cyberspace and that cannot be deleted. Companies don't want to spend $$$ safeguarding your info. Keep costs down. When you call some call center in India (for your Citi, Amex etc accounts) they know everything about you: SSN, credit card numbers.
I remember one time I got a call from Vanguard apologizing because account year end statements were sent in opened envelopes. They didn't want to spend $$$ on a better more expensive type of glue. WTF.
Opened envelopes were sent to clients with account statements showing Soc Sec, account numbers, balances. They had outsourced that job to a third party. See the pattern?
Was their trash more interesting than your trash???
Epsilon is obviously TBTF.
Epsilon Data Management is a unit of Alliance Data Systems
epsilon sized as opposed to being omega sized.
visa, and mobil gas cards....same deal
April 4, 2011
Dear Marriott Customer,
We were recently notified
by Epsilon, a marketing vendor used by Marriott International, Inc. to manage
customer emails, that an unauthorized third party gained access to a number of
Epsilon's accounts including Marriott's email list.
In all likelihood,
this will not impact you. However, we recommend that you continue to be on the
alert for spam emails requesting personal or sensitive information. Please
understand and be assured that Marriott does not send emails requesting
customers to verify personal information.
We take your privacy very
seriously. Marriott has a long-standing commitment to protecting the privacy of
the personal information that our guests entrust to us. We regret this has taken
place and apologize for any inconvenience.
Please visit our FAQ
to learn more.
Sincerely,
Marriott International, Inc.
Received similar notification from Robert Half International
Dear Valued Customer,
Today we were informed by Epsilon Interactive, our national email service provider, that your email address was exposed due to unauthorized access of their system. Robert Half uses Epsilon to send marketing and service emails on our behalf.
We deeply regret this has taken place and any inconvenience this may have caused you. We take your privacy very seriously, and we will continue to work diligently to protect your personal information. We were advised by Epsilon that the information that was obtained was limited to email addresses only.
Please note, it is possible you may receive spam email messages as a result. We want to urge you to be cautious when opening links or attachments from unknown third parties. We ask that you remain alert to any unusual or suspicious emails.
As always, if you have any questions, or need any additional information, please do not hesitate to contact us at customersecurity@rhi.com.
Sincerely,
Robert Half Customer Care
Robert Half Finance & Accounting
Robert Half Management Resources
Robert Half Legal
Robert Half Technology
The Creative Group
I'd better start checking my expenses on my visa and checking accounts so it seems.
Citibank also send a warning according invoice mails that don't get send 4 weeks ago.
Word to the WISE, if you use a DEBIT card, get rid of it asap.
I have $78.13 in my account with a debit card. They steal that much every time I go to the grocery store and gas up car.
Cash is King. Use real money. Why would you let big brother know what kind of shit paper you use?
Also by way of 'important' financial e-mails, this in from the 'special steward' to Col. Gaddafi ...
From: Bouba Mahmoud
Hello,
My name is Bouba Mahmoud, I am the special steward to the Col. Muammar Gaddafi.
I have worked in Government house for the past Ten years. It was a great
opportunity for me to achieved what I got today ...
To be explicit, I have secured the sum of US$18.5million dollars and sent it out
of the country during the time of the uprising against Muammar Gaddafi ...
I have a percentage for you in this transaction when you give me your words
indicating your interest ... I have a partner who will call to
confirm and claim the safety of the deposit.
I will be expecting your urgent response.
Yours truly,
Bouba Mahmoud
totally sketch. is this an inside job by the Fed? hackers have actually been all over the net lately, watch personal info anywhere online.
www.forecastfortomorrow.com
This seems to be an epidemic. In the last three days I have recieved the same notice from all the credit card companies I use and just this morning the same notice from Crucial, a company I bought some memory sticks from a few years ago.
People don't assume their e-mails are private do they? Or even their hard drives? Don't worry, they're just trying to stop terrorism.
Yeah, well the spammers/scammers, etc. are right on it. I'm getting the same notifications from Chase, Citi, AmEx, etc. Problem is I don't have any of their cards and never have. Lesson is, don't ever use a link in a message from any company/bank/etc. you get via email. When in doubt, type the URL in yourself...
That's because they all use Epsilon for their email campaigns, so it seems any company that has used Epsilon has shared their customers' email addresses:-)
Also a warning from TIAA-CREF:
April 5, 2011
TIAA-CREF has been informed by Epsilon, a vendor we use to send emails, that files containing the first names, last names and email addresses of some TIAA-CREF participants were accessed without authorization.
We have not shared any participant account or financial information with Epsilon. So, this incident has not compromised your TIAA-CREF accounts and they remain secure. For your security, however, we wanted to call this matter to your attention.
As always, do not reply to emails asking for your personal information, account numbers or any other type of confidential information. TIAA-CREF will never ask for your personal information or login credentials in an email.
Below are some additional precautions we recommend you follow:
We regret any inconvenience this may have caused and will keep you informed of relevant updates. For more information on TIAA-CREF’s commitment to keeping your personal information secure, please visit:
I'm moving my account to that incompetent stockbroker who lost most of his business to Scottrade.
You're a huckleberry!
Maybe this email is a phising email from the thieves... Never thought of that did you? Cunning Nigerians...
This Epsilon company is swiss cheese.
Are they using Norton? LOL
I just got a Citi credit card not too long ago - and not 2 weeks after having it they sent me almost the exact same thing via email - about Epsilon - wft if going on? Just checked - this was on April 4th...
"Recently, Citi was notified of a system breach at Epsilon, a third-party vendor that provides marketing services to a number of companies, including Citi. The information obtained was limited to the customer name and email address of some credit card customers. No account information or other information was compromised and therefore there is no reason to re-issue a new card."