TD Ameritrade is a huge investment company with as many as 11 million current customers. The organization serves investors from all parts of the world and manages more than $1 Trillion in investment funds. The organization was recently the victim of a data breach, exposing thousands of customers to potential problems. Even a company as large as Ameritrade isn't safe from the latest data attacks.
TD Ameritrade and its parent company Charles Schwab haven't released specific data about the information lost during this data breach. We only know that personal information and likely financial data were lost in the breach. Other than that, we have no way to know what was lost. It's likely that Social Security numbers, names, phone numbers, email addresses, and more were involved, but we will have to wait for an official notice release from the companies.
This Ameritrade breach occurred like the dozens of others this year related to the MOVEit file transfer software. The major secure file-sharing solution MOVEit suffered from a Zeroday vulnerability. That vulnerability enables attackers to access documents connected to it, making huge numbers of files vulnerable to the exploit. The Russian-linked hackers behind the attacks have been gathering information and using it to attempt to collect ransoms.
We suspect this data breach occurred sometime in June of 2023. That's the time that most of the companies were exploited by the data breach, and it's likely Ameritrade was then as well.
This breach affects Ameritrade customers specifically. As many as 5,500 customers are thought to be involved in this breach. That's a substantial number of potential victims that have to worry about the breach.
We don't yet have information about the file count involved in this Ameritrade breach. We suspect it's a large number of documents that were taken.