Companies typically find out about data breaches first-hand, and bring in the police after the fact to (hopefully) identify the culprits. Unfortunately, Scottrade didn't even have that luxury: the investment firm only learned about a huge breach after federal law enforcement showed up at its door with word of an ongoing investigation. The intruders compromised roughly 4.6 million accounts between late 2013 and early 2014. They focused primarily on snagging contact information, but the targeted system also included information as sensitive as Social Security numbers.
Scottrade is quick to stress that neither passwords nor trading platforms were at risk, and it's offering a free year's worth of identity protection services if you're still worried about fraud two years after the incident took place. Still, the revelation isn't exactly confidence-inspiring. It suggests that the company's security measures weren't thorough enough to even detect the hacking attempt, let alone stop it, and that millions of customers were unaware of the danger until the feds stepped in.
[Image credit: Chris Yunker, Flickr]