AMP Trading data breach (70 gigs, ~100k files - customer data) | Reviews of Brokers and Data Feeds


futures.io - futures trading strategies, market news, trading charts and platforms


Reviews of Brokers and Data Feeds


Review and discuss futures brokers, their requirements and features, or ask questions about brokers and data feeds




 

AMP Trading data breach (70 gigs, ~100k files - customer data)

  #50 (permalink)

London
 
Trading Experience: Beginner
Platform: Ninjatrader
Favorite Futures: FGBL, CL
 
Posts: 31 since Jan 2014
Thanks: 8 given, 15 received

new email from AMP

"
We are sending you this email as an update following the notice we sent to you on April 28, 2017 (available here: https://clients.ampfutures.com/notice-customer-data-incident-report) in order to keep you abreast of the most recent developments.

As you were informed in that notice, a well-known Cybersecurity research company had reached out to us to alert us about a possible vulnerability in one in-house back-up file storage server. There was only one server of this type on our network and only this server has an apparently open design flaw. Since AMP had not authorized anyone elseís entry into its systems, we took immediate steps to secure our customers data. We took care to follow our Cybersecurity procedures which have previously been reviewed by our industry regulators as well as federal government agencies.

AMP has confirmed that no one other than the research company accessed the database:

Due to the nature of the access, AMP has been able to determine only one instance of outside access to the server through a thorough examination of the server logs. This access was traced directly to the point the security firm contacted AMP. The backdoor this research company exposed is an app that allows access to the server. This access leaves a definitive trace log, and is the only way into the server without authorization. AMPís IT providers studied the trace logs and confirmed there was only one access that was unaccounted for, which was the research companyís activity. Hence, we have an account of all of the traffic to the server. At no point prior to the research company gaining access did any other entry occur. Therefore, we can say with certainty that only the research companyís access was successful, and hence our customer data was not accessed by anyone else.

The contents of the database that the research company was able to access:

The database that this research company was able to access includes but is not limited to account opening documentation done on paper only, of accounts that opened before October 2010 and 1099 tax documents of US customers from 2015 and before, which qualifies as Personal Identifying Information. However, we have been reassured that this research company has taken steps to keep the data secure and encrypted. The research company has stated that they are working with the SEC and will follow instructions from them regarding the fate of the data they were able to access. AMP is working with federal authorities to ensure that our customer data is safe and secure and will not be used for unlawful purposes such as identity theft.

Data is not accessible to the public

We have no evidence that suggests that personal information accessed by the research company from the database has been or will be used to commit identity theft. On the contrary, it is our belief that this research company is on a mission to make the world of cyberspace a safer place. To be clear, that access was limited to our back-up file storage server, that has a design flaw which the research company knows and understands well. We took their guidance as well as our own IT providers to block access to the server and take it off line. There was no access to the AMP Customer Portal, Customer funds, and no access to any of the trading platforms networks.

Subsequent actions by AMP

The access into the back-up file storage server was quickly determined and that access blocked, and very soon thereafter we decommissioned the accessed server altogether. We have also taken steps to implement end-to-end encryption on all of AMPís housed data, for all data both in transit and at rest.

AMP has been in contact with various federal agencies as well as our regulators, and is working under their guidance, along with the research company to ensure the safety of our customer data.

AMP continues to be alert and monitor for evidence of identity theft. We will continue to provide alerts throughout this process if any further circumstances arise.

Additional precautions

As always, we encourage you to remain alert in guarding your personal information, regularly review your account statements and monitor your credit activity from the major reporting agencies. You may change your password to your portal and trading platform as an additional precaution, change your passwords for other online accounts for which you use the same password, and take any other steps that you may deem appropriate to safeguard your personal information online."

Reply With Quote
The following 3 users say Thank You to Hood for this post: