Charles Schwab Corp., the parent company of TD Ameritrade, has announced a data breach resulting from vulnerabilities in the MOVEit file transfer software. While the computer systems of both companies remain unaffected, customer data stored on Ameritrade’s MOVEit server has been compromised. The incident is currently under investigation by Charles Schwab and TD Ameritrade, and affected customers will be notified once a thorough analysis is completed.
This data breach holds significant implications as it contributes to one of the largest breaches of 2023, affecting millions of Americans. The compromised information puts individuals at a heightened risk of identity theft and fraudulent activities. It is crucial for customers who receive a data breach notification from TD Ameritrade or Charles Schwab to understand the potential risks involved and take appropriate measures to safeguard their personal information.
The breach was caused by vulnerabilities discovered in the MOVEit software, which TD Ameritrade had been using on a limited basis. Upon detecting a zero-day vulnerability, TD Ameritrade swiftly responded by ceasing the use of MOVEit and promptly notifying law enforcement. An investigation is currently underway to determine the extent of the breach and the specific client data that may have been exposed. While the investigation is ongoing, Schwab estimates that approximately 0.5% of Ameritrade’s clients, potentially up to 55,000 individuals, may have been affected.
Charles Schwab emphasized its commitment to providing regular updates to clients as new information emerges, ensuring direct communication with affected individuals. It is expected that either TD Ameritrade or Charles Schwab will issue data breach letters to impacted customers in the near future. The severity of this MOVEit hack is evident as other notable organizations, including Calpers and Genworth Financial, have also reported compromised personal information. The group responsible for the attack, Cl0p, has already published Shell’s data on the dark web after the company failed to pay the ransom, leaving the fate of TD Ameritrade uncertain.
