Apparently collective2 has been hacked and they got all, I mean all of my information. Luckily my credit card has expired but they got everything else.
Sure hope brokers have much better security... ----------------------------------- Users of the do-it-yourself trading site collective2.com received an âurgentâ e-mail at a few minutes past noon Wednesday notifying them that the companyâs computer database had been breached by a hacker and that all users should log in to change their passwords immediately. That e-mail, from Collective2 LLC founder Matthew Klein, stated that the information accessed by the hacker included names, e-mail addresses, passwords and credit card information. In addition, the e-mail went on to state: âWe have contacted federal and state law enforcement authorities, who we hope will track down and prosecute the person responsible. More important: we have changed our database security, locked down our servers and altered our website in order to prevent similar attacks. We are also notifying the three credit bureaus â Equifax, Experian and TransUnion â of the breach.â Read more on Investment News. A notice on collective2.comâs web site at the time of this posting reads: Security Notice to Our Customers We are sending out emails to all of our customers explaining that a hacking attempt has potentially compromised customersâ personal data. The email you may have received is real, as are these unfortunate circumstances. We believe we have eliminated the security flaw the hacker exploited. If you have an account with us, it is important you change your account password. http://www.databreaches.net/?p=9230
Thank goodness my credit card account was expired AND was an old account hackers had gotten from another online merchant.
What does Collective2 do that they need to keep your credit card numbers on file? That in itself is bad practice. You're not supposed to keep that information if you don't absolutely have to.
They charge you a monthly fee if you subscribe to any systems via their site. Nobody would want to submit their credit card info every month....
CC numbers are supposed to be encrypted when store in databases which will make them harder to steal. Most sites dont do this.
As it happens I am a responsible for a website that provides billing services so I know a little bit about this topic. They don't need to keep the credit card numbers; their gateway will do that for them and facilitate the monthly billing.