The Wall Street Letter today reports that the "SEC has found no evidence of negligent behavior at the firms", because the firms "reimburse clients" for online theft. All you guys who have not be reimbursed by your firms for online theft should get a lawyer. Apparently, the firms are supposed to reimburse you for online theft, and are portraying this as fact to the SEC. Finally, the firms were less than honest when they simply shrugged their shoulders about theft in retail accounts. This phenomenon (online theft) was, in fact, well known. Deputy Director of Enforcement at the SEC, Peter Bresnan, acknowledged the extent of the problem, and said that "tens of millions of dollars" had been stolen from investor accounts. Retail investors, of course, did nothing wrong. The firms are now responsible for the fix. "Virtual keyboards" and "software that changes clients' passwords every 10 seconds" are now being tried to re-implement the necessary security for investors' funds.