Earlier today, TD Ameritrade announced that customer data was retrieved from an internal database. The data accessed includes email addresses, names, addresses, and phone numbers, but not Social Security numbers, passwords, or personal identification numbers. AMTD has hired ID Analytics, which specializes in pattern recognition technology and also serves companies in financial services and telecommunications, to look for any evidence of ID theft. AMTD told its clients that Following our thorough analysis, we found no evidence of identity theft related to TD Ameritrade clients as a result of this issue.
The investigation was triggered by complaints from customers that they had received spam email. As a result of the investigation, the company discovered and eliminated unauthorized code that allowed an external source to retrieve certain client information from the database in question.