TD Ameritrade data theft settlement gets court OK

May 11, 2009 By JOSH FUNK , AP Business Writer

(AP) -- More than 6 million current and former customers of online brokerage TD Ameritrade Holding Corp. will be able to benefit from the settlement of a class-action lawsuit filed over the theft of client contact information.

Formal notice of a agreement will be sent to people who used TD Ameritrade's services before mid-September 2007.

U.S. District Judge Vaughn Walker in San Francisco approved a revised version of the settlement agreement earlier this month despite some misgivings about it. Last summer, Walker rejected an earlier version of the deal.

Anyone who held an Ameritrade account or provided an e-mail address to the company before Sept. 14, 2007, could benefit from the lawsuit. The database that was breached included information on 6.2 million people.

The plaintiffs in the lawsuit said they received unwanted e-mail ads about certain stocks. The ads appeared to be designed to manipulate the value of thinly traded stocks.

Ameritrade officials and one of the lead plaintiff's attorneys, Scott Kamber, have said the data theft has not been linked to cases of identity theft.

As part of the proposed settlement, the Omaha-based company will pay nearly $1.9 million in legal fees and cover the cost of one year of anti-spam service for the victims. Ameritrade also promised to better protect customer data.

Those terms have not changed from the original proposed settlement. But the new agreement will more clearly state that Ameritrade customers were at risk of identity theft, and it will preserve customers' ability to pursue identity theft claims against Ameritrade.

Most of the changes to the agreement happened because the Texas Attorney General's Office and a former named plaintiff objected to the previous deal.

In his order, the judge questioned whether the settlement does enough to benefit Ameritrade clients whose information was stolen.

"The court is particularly concerned that TD Ameritrade has agreed to pay the class counsel $1.87 million and yet the class itself will receive no monetary award," Walker wrote.

But Walker said it appears that this revised settlement may be acceptable because Texas officials signed off on it and because the former plaintiff who objected had trouble finding a lawyer to take his case and press for a trial.

Kamber said Monday that he's confident he'll be able to convince the court that the settlement is fair and in the best interests of the victims because the lawsuit prompted Ameritrade to take several new actions to protect customer data.

Several of the benefits of the settlement have already been provided. But the Trend Micro anti-spam software Ameritrade agreed to provide won't be available until after final approval.

Ameritrade hired ID Analytics Inc., which has expertise in identity theft, to help investigate. ID Analytics has checked Ameritrade's customer data against other databases four times and found no evidence of organized identity theft. The settlement calls for ID Analytics to provide at least one more check after the deal gets final approval.

Ameritrade does not admit any wrongdoing in the settlement.

"We're settling to bring this to a close in a timely manner," Ameritrade spokeswoman Kim Hillyer said Monday.

Part of the cost of the settlement will be covered by insurance, Hillyer said, so this deal will not have a material effect on the company's earnings.

Ameritrade revealed the data theft in September 2007, but it has never shared all the details of its investigation, including exactly when one of its databases was hacked.

The company has said it stored sensitive information in the database, including Social Security numbers and account numbers. But officials say that information does not appear to have been taken.

Ameritrade officials have said they were confident the company had identified how the information was stolen and had changed its computer code enough to prevent the theft from recurring.

Other Ameritrade databases where information such as passwords, user IDs and personal identification numbers are kept were not violated, the company said.

A hearing has been scheduled for Sept. 10 to determine whether the settlement should receive final approval.

©2009 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

Explore further: Twitter looks to weave into more mobile apps

add to favorites email to friend print save as pdf

Related Stories

Microsoft, Calif. municipalities to settle

May 03, 2006

A tentative $70 million settlement was announced Tuesday to resolve antitrust claims brought on by Californian local government entities against Microsoft.

Google book settlement facing antitrust scrutiny

Apr 29, 2009

Google's settlement with US authors and publishers over its book scanning project still needs the green light from a US judge but it may first have to pass muster with the US Justice Department.

Stopping wireless ID theft

Sep 16, 2005

A New Jersey State Superior Court judge this week ordered a company that had acquired customer names from a major wireless carrier without its permission to refrain from selling those customer profiles to others and to surrender ...

Recommended for you

Twitter looks to weave into more mobile apps

2 hours ago

Twitter on Wednesday set out to weave itself into mobile applications with a free "Fabric" platform to help developers build better programs and make more money.

Google unveils app for managing Gmail inboxes

3 hours ago

Google is introducing an application designed to make it easier for its Gmail users to find and manage important information that can often become buried in their inboxes.

Fighting cyber-crime one app at a time

9 hours ago

This summer Victoria University of Wellington will be home to four Singaporean students researching cyber threats. The students have been working with Dr Ian Welch, a lecturer in Victoria's School of Engineering and Computer ...

Is big data heading for its 'horsemeat moment'?

11 hours ago

There have been so many leaks, hacks and scares based on misuse or misappropriation of personal data that any thought that "big data" could provide benefits rather than only opportunities for harm may be ...

User comments : 1

Adjust slider to filter visible comments by rank

Display comments: newest first

NateO
not rated yet Jun 14, 2009
Anyone else objecting to this? The last thing I need is another year of trend micro or identity theft protection, I already have a lifetime supply. I rather have nothing then see these attorneys pocket 1.8 million, the only person benefiting from these lawsuits are the attorneys. If 400 people object there is a chance it will get tossed and they can either give us something meaningful or do nothing at all.