Full Text

Scottrade Bank, a subsidiary of Scottrade Financial Services, Inc., recently secured a MSSQL database containing sensitive information on at least 20,000 customers that was inadvertently left exposed to the public.

The database was discovered by MacKeeper researcher Chris Vickery on March 31, when he was searching for random phrases on the domain s3.amazonaws.com.

Once the database was discovered, Vickery says he contacted the company and was eventually connected to a staffer on the Scottrade Bank security team who helped secure the data. Two days later, Vickery said, he confirmed that the problem was resolved.

In addition, Vickery says the database also contained internal information, such as plain text passwords and employee credentials used for API access to third-party credit report websites.

Scottrade Bank DB example Chris Vickery

In a statement, Scottrade spokesperson Shea Leordeanu said the database was secured in six hours, and an investigation into the incident is ongoing.

"We are a customer focused company, and will always act...