cyber Breach

Scottrade

Aug 31, 2022 1 min read
Scottrade

Scottrade Bank, a subsidiary of Scottrade Financial Services, Inc. suffered a data breach incident after an MSSQL database containing sensitive information on at least 20,000 customers was inadvertently left exposed to the public.

The exposed database had no encryption and included 48,000 lessee credit profile rows and 11,000 guarantor rows.

Each row contained information such as Social Security Numbers, names, addresses, phone numbers, and other information that one would expect a bank to possess.

The database also contained internal information, such as plain text passwords and employee credentials used for API access to third-party credit report websites.

Scottrade notified the affected individuals and resolved the issue soon.

Source: https://www.csoonline.com/article/3187480/scottrade-bank-data-breach-exposes-20000-customer-records.html

TPRM report: https://scoringcyber.rankiteo.com/company/scottrade

"id": "sco13722822",
"linkid": "scottrade",
"type": "Breach",
"date": "04/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'customers_affected': 20000,
                        'industry': 'Financial Services',
                        'name': 'Scottrade Bank',
                        'type': 'Bank'}],
 'attack_vector': 'Exposed Database',
 'data_breach': {'data_encryption': 'No',
                 'number_of_records_exposed': ['48,000 lessee credit profile '
                                               'rows',
                                               '11,000 guarantor rows'],
                 'personally_identifiable_information': ['Social Security '
                                                         'Numbers',
                                                         'Names',
                                                         'Addresses',
                                                         'Phone Numbers'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Customer Information',
                                              'Internal Information']},
 'description': 'Scottrade Bank, a subsidiary of Scottrade Financial Services, '
                'Inc. suffered a data breach incident after an MSSQL database '
                'containing sensitive information on at least 20,000 customers '
                'was inadvertently left exposed to the public.',
 'impact': {'data_compromised': ['Social Security Numbers',
                                 'Names',
                                 'Addresses',
                                 'Phone Numbers',
                                 'Plain Text Passwords',
                                 'Employee Credentials'],
            'systems_affected': ['MSSQL Database']},
 'response': {'communication_strategy': 'Notified affected individuals',
              'remediation_measures': 'Resolved the issue'},
 'title': 'Scottrade Bank Data Breach',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Unsecured MSSQL Database'}
Published by
Roshni Ray
Roshni Ray
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.