BreachExchange mailing list archives
Brokerage fined $375,000 in data-breach case; alleged hackers arrested and extradited from Eastern Europe
From: Jake Kouns <jkouns () opensecurityfoundation org>
Date: Tue, 13 Apr 2010 00:14:22 -0400
http://blog.thenewstribune.com/business/2010/04/12/brokerage-fined-375000-in-data-breach-case-alleged-hackers-arrested-and-extradited-from-eastern-europe/ If you’ve got a brokerage account with D.A. Davidson, then it’s likely that you’ve already heard about the breach in security and what the company has done to secure a remedy. As a penalty, the Financial Industry Regulatory Authority announced this morning that it has fined the Montana-based financial services firm $375,000 for failing to protect confidential client information. The company’s computer data were invaded, and confidential information downloaded, in 2008. The accused hackers, Latvian natives, then attempted to blackmail the firm. The company immediately reported the incident and assisted the Secret Service in identifying “four members of an international group suspected of participating in the hacking attack of the firm. Three of those individuals have been extradited from Eastern Europe, arrested and are facing charges in federal court in Montana,” according to a FINRA release. In assessing the penalty, FINRA considered Davidson’s response to protect its customers and cooperation with authorities. To date, no clients have suffered any instance of identity theft related to the incident. In settling the case, the firm neither admitted nor denied the charges, but consented to the entry of FINRA's findings. Jacquie Burchard, D.A. Davidson spokeswoman, said today, “We responded as quickly as possible and helped our clients. We provided them with free credit-monitoring service for two years, and had a phone bank available immediately. We feel that we were definitely on the ball and watching out for our clients’ interests.” Burchard noted that regulators were complimentary of the firm's response to the crime. She also said the firm received an audit report attesting to its strong security a few months before the intrusion, and that Davidson was in the process of upgrading its security system at the time. Said FINRA Executive Vice President and Executive Director of Enforcement James S. Shorri, "Broker-dealers must be especially vigilant about protecting its customers' confidential information, which includes ensuring that its technology is sufficient.” To check whether your broker has been the subject of disciplinary action, visit www.finra.org/brokercheck or call 800-289-9999. _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Get business, compliance, IT and security staff on the same page with CREDANT Technologies: The Shortcut Guide to Understanding Data Protection from Four Critical Perspectives. The eBook begins with considerations important to executives and business leaders. http://www.credant.com/campaigns/ebook-chpt-one-web.php
Current thread:
- Brokerage fined $375,000 in data-breach case; alleged hackers arrested and extradited from Eastern Europe Jake Kouns (Apr 12)