FBI Investigating Online Brokerage Hacks

The government has launched investigations into fraud cases in which computer hackers apparently manipulated client accounts at two of the nation's largest electronic brokerages, stealing millions of dollars.

Officials at TD Ameritrade Holding Corp. said Tuesday that the fraud cost the company about $4 million in the July-September quarter. Last week, E-Trade Financial Corp. said the company lost about $18 million in a similar scheme during its third quarter.

Both companies reimbursed customers for their losses.

Ameritrade's chief operating officer, Randy MacDonald, said the fraud that his company experienced during the quarter was part of an industrywide problem and that the company was working with the FBI and other law enforcement agencies.

Ameritrade officials said the problem largely occurred overseas when clients were using either wireless networks or public computers infected with spyware, and user IDs and passwords were stolen.

"We're spending a lot of time educating our clients about the need to keep their information secure," MacDonald said. "And we're working with software vendors to develop new techniques for preventing this from even happening at their keyboard level."

Officials at Omaha-based Ameritrade and E-Trade, which is headquartered in New York, said that while hackers manipulated individual accounts, their own computer systems remained secure.

E-Trade Chief Executive Mitchell Caplan told analysts during a conference call last week that the fraud his company saw appeared to be concentrated in eastern Europe and Thailand, according to a transcript provided by Thomson Financial's StreetEvents.

"We believe that we've made a significant number of operational changes and technology changes," Caplan said during the call. "We've seen that level of fraud in the last three weeks or so reduced to almost zero as a result of the changes we're making."

Both E-Trade and Ameritrade have insurance that may cover some of their fraud losses. They reimbursed their clients because both companies offer their clients asset protection guarantees.

The Securities and Exchange Commission, like the FBI, is investigating hacking fraud throughout the online brokerage industry.

SEC spokesman John Heine in Washington declined comment Tuesday on the Ameritrade and E-Trade cases.

Officials of the SEC and other law enforcement agencies, along with representatives of online brokerage firms, were meeting Wednesday to discuss the issue, said John Reed Stark, head of the SEC's Office of Internet Enforcement.

"We've seen an increase in the number of intrusions," Stark said. "These innovative frauds often involve an intricate web of participants that are not only committing securities fraud but are also committing identity theft and hacking as well."

Ameritrade's chief executive, Joe Moglia, said he thinks this latest rash of fraud and identity theft is under control, but it's a problem the industry and society will always have to contend with.

"From the beginning of time, there's always been someone trying to take advantage of someone else," Moglia said.


  • The 2021 Microsoft Product Roadmap

    From Windows 10X to the next generation of Microsoft's application server products, here are the product milestones coming down the pipeline in 2021.

  • After High-Profile Attacks, Biden Calls for Better Software Security

    Recent high-profile security attacks have prompted the Biden administration to issue an executive order aiming to tighten software security practices across the board.

  • With Hybrid Networks on Rise, Microsoft Touts Zero Trust Security

    Hybrid networks, which combine use of cloud services with on-premises software, require a "zero trust" security approach, Microsoft said this week.

  • Feds Advise Orgs on How To Block Ransomware Amid Colonial Pipeline Attack

    A recent ransomware attack on a U.S. fuel pipeline company has put a spotlight on how "critical infrastructure" organizations can prevent similar attacks.