Sign in / up

back to article Scottrade admits server snafu blabbed 20,000 customer files to world

Online brokerage Scottrade has admitted sensitive loan applications from roughly 20,000 customers were exposed to the world by a fumble-fingered third-party supplier. The cockup occurred when IT services biz Genpact uploaded the sensitive information to an Amazon-hosted server and didn't lock the box down – allowing its …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *

  1. This post has been deleted by its author

  2. Christoph

    "Vickery said account passwords were stored in plain text"

    Helloooo! This is 2017! Wakey wakey!

    5 1 Reply
    1. J. Cook Silver badge
      Reply Icon
      Pint

      I start a four day weekend in two hours.

      Mmm.... Eggs and baccy. *drools*

      Yeah, that was definately a RGE* or a CLM**.

      * Resume Generating Event

      ** Career Limiting Move

      0 1 Reply
      1. Anonymous Coward
        Reply Icon
        Anonymous Coward

        Re: I start a four day weekend in two hours.

        Eggs and baccy?

        Im assuming thats a Belgian "Adinkerke" special breakfast. Something you'd consume before a hard day at Plopsaland.

        0 0 Reply
        1. Korev Silver badge
          Reply Icon
          Joke

          Re: I start a four day weekend in two hours.

          More salt in that than there was in their passwords...

          0 0 Reply
    2. Ian Michael Gumby
      Reply Icon

      No security.

      SQLServer DB , plaintext and it looks like no or little security.

      They should be hit with massive fines because of lax security. Note: They moved PII data in to the cloud which exposes them to more risk. Had the unsecured server been behind their firewalls, less risk of damage.

      If I were a Scottrade customer, I'd start a class action lawsuit.

      Yes its 2017... no excuse.

      0 0 Reply
  3. Anonymous Coward
    Anonymous Coward

    "xposed to the world by a fumble-fingered third-party supplier."

    No matter how good Cloud security is, this type of clusterfuck will always exist as a risk. Bet they don't talk about that much in sales pitches to corp execs. That's why its better to exclude in-house IT from these off-sites!!!

    0 1 Reply
  4. Potemkine Silver badge

    Culture of accountability

    Genpact: key offices in New York City, but headquarters in Hamilton, Bermuda. Also among the “Top 25 Best Companies to Work For”... in India.

    It tells a lot about what Genpact is.

    2 0 Reply
  5. Anonymous Coward
    Anonymous Coward

    they never learn

    Seems to be all too common. I have friends who work at one of the UK's largest stockbroking firms said they keep all customer data in plain text including passwords, phone, address, bank details. Just another Talktalk waiting to happen ...

    0 0 Reply
  6. Anonymous Coward
    Anonymous Coward

    Since when did 'contacted' become 'reached out'?

    Reaching out is something you do when the piccalilli is not within an optimal arc of the breadboard.

    2 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon