MOVEit Breach Put Data of 61,000 TD Ameritrade Clients at Risk

A Charles Schwab location in New York

What You Need to Know

TD Ameritrade is one of hundreds of companies and government agencies affected by a cyberattack on a third-party file transfer system.
Client data compromised in the hack included names and Social Security numbers, the firm says.
Schwab reported in July that it had halted use of the MOVEit system and was working with law enforcement.

The personal data of more than 61,000 TD Ameritrade clients was exposed to hackers who breached an outside file transfer system, Progress Software’s MOVEit, according to an Aug. 3 Notice of Data Breach that the Charles Schwab-owned firm, which uses the software, sent to clients.

The breach was part of a broad criminal hacking operation related to a vulnerability in the MOVEit transfer software. The hacking operation has hit hundreds of companies and government agencies globally.

In the notice, TD Ameritrade outlined what occurred, the steps it’s taken to protect client information, and additional steps clients can take to ensure their information is further protected.

On May 30, the firm “became aware of a security incident involving MOVEit Transfer, a software application historically used by TD Ameritrade … to share files,” it said in the letter.

“Since learning of the incident, we have conducted a thorough investigation and determined that, between May 28, 2023, and May 30, 2023, unauthorized individuals accessed a TD Ameritrade application of the MOVEit Transfer software and stole data.”

TD Ameritrade parent company Charles Schwab and Ashden Fein, a partner at Covington & Burling, its counsel, didn’t immediately respond to a request for comment on Wednesday to provide an update.

See also  SCOTUS Denies Review Mayer v. Ringler on Insurance Clause - The National Law Review

But TD Ameritrade said in its letter: “No other TD Ameritrade or Schwab systems or data were impacted, and all systems are operating normally. The results of our investigation have indicated that some of your personal information was included in the incident.”