SysKoll wrote:jgombos wrote:I responded to Ameritrade essentially stating that investigating the attacker is inadequite, and that they need to take steps to ensure email addresses are protected from insiders. I also asked for compensation for the disclosure. Here is the body of their response:Ameritrade wrote:We appreciate your comments and suggestions regarding the Spam e-mails you have received. We will definitely keep you posted on any information that becomes available in this matter and of any future actions we take to mitigate the improper disclosure of your e-mail address. In the meantime, I have provided a copy of your letter to our Information Security department for their review. In an effort to help make up for your frustration, I?ve credited your account with 10 commission-free Internet equity trades good until November 1, 2006. This is everything I can do in this matter.
I personally thank you for the opportunity to be of service in this matter. On behalf of TD AMERITRADE, we look forward to serving your investment needs in the future.
It's a great response. That's the response I was looking for.
Any news on their "investigation"?
Guys,
Looks like there is news about Ameritrade. They got pwned, and so did clients' data! See this iWeek story.
It was kind of obvious for those who followed the Ameritrade saga that started here in 2005, but it's nice to see them confirm it, finally.
Remember, you read it here first!