- Report: #1262013
Complaint Review: Scottrade - Nationwide
-
Author Not Confirmed
Why?
Scottrade
Nationwide, USA
Web:
https://Scottrade.com
Categories:
Business Rating:
(0)
Tell us has your experience with this business or person been good?
Scottrade Allowed 4.6 Million+ Customer To Be Hacked By Ignoring Whistleblower Complaints About Cybersecurity Faults Saint Louis Nationwide
Dear Sir/Madam,
I am writing to express my concerns about a behavior of Scottrade Bank and their affiliates which may have adversely exposed my personal information and lead to identity theft and fraud.
Specifically, in going through my records in order to better understand how I could resolve ongoing identity theft, I discovered that when applying for a bank account at Scottrade Bank, Scottrade Bank improperly handled a number of documents which had very personal information on them. The actions of Scottrade Bank not only broke from the current standards of data security but also broke Scottrade Bank's internal policies regarding handling customer information.
Specifically, on or around July 13, 2013 (China Time), Mr. Chuck, a regional manager from Scottrade Bank offered to receive Scottrade Bank account application documents via email. Email is a notoriously insecure medium of communication yet Mr. Chuck allowed and offered to receive the documents via email, despite the fact that it was against Scottrade Bank's internal policies and does not have any of the normal safeguards in place to handle personal customer information. The July 13, 2013 email contained PDF attachments that included my full name, signature, address, bank account numbers, Social Security Number, and other very personal and sensitive information.
As is clear by Scottrade's online disclosures and policies, Scottrade Bank states that it will never transmit customer information over email and or ask for or receive personal information via email, however, Mr. Chuck, a manager at Scottrade encouraged me to send the information by email to expedite the process, with no disclose of the security concerns. I am writing today to ask Scottrade to explain, in a public forum, why they let my personal information be transmitted in a way that puts me at significant risk to identity theft.
I would also like to know what the current status of the email and personal information is, has it been deleted, has it been accessed, are emails records secure, who could have gained access, was the email accessed via HTTP or HTTPS, was it confirmed a secure connection?
The actions of Mr. Chuck, put me at my personal information at risk and could have likely been the direct cause for hackings that happened weeks latter and accounted for over 800,000 of fraud.
Sincerely Yours,
