Is TD Ameritrade Doing Right By Its Customers After Its Security Breach?
Companies Can Learn From Don Imus' Blunder About How to Manage a Data Breach

Inside Job at TD Ameritrade's Data Breach?

While many seem to be accepting at face value the spam claim by TD Ameritrade about their data breach, SC Magazine is asking one of the tough questions. In his article, Jim Carr writes:

"Was TD Ameritrade, which revealed on Friday that contact information for 6.3 million customers was stolen from one of its databases, victimized by an attack from an insider?"

Carr quotes Phil Neray, Vice President at Guardium, who asserts:

"This has all the signs of an inside job... I would say it's highly likely that is was done by a privileged administrator within Ameritrade."

My point: the hard questions have to be asked and answered. And this is one of them. I learned this from my experience with IBM's data breach. When companies experience a data breach, they have to be forthcoming with answers to the tough questions to give their customers (and investors) some assurances of data security. In my experience, IBM didn't and my confidence with IBM declined as a result.

Avoidance or reluctance to answer the tough questions means there's effectively no accountability... no oversight about the internal investigation. This leaves ID-theft victims wondering if anyone is telling them the truth, or the whole truth.


Feed You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.