Brokerage hackable?

[audreyh1]

We have a zillion email alerts generated by our various banking and brokerage accounts when any transaction occurs. If there is any change in account profile, there is two step verification before it can complete, and we still get ample notification (even by mail in some cases).

I'm still checking things about twice a week in most accounts - mainly because that's how often I update Quicken or need to do bill pay or a transfer or whatever.

All statements are reviewed and reconciled monthly.

I think the only thing we ever print is the annual tax return.

 

[dallas27]

Some examples ?



I would think such things could occur when banks are carelessly or illegally doing business with international criminal enterprises, which they should not be doing anyway.

I take it you dont pay attention to current events. Google "billion dollar bank heist" and you will find no shortage of articles.


Sent from my iPhone using Early Retirement Forum

 

[audreyh1]

Was This Billion-Dollar Bank Heist Preventable? - Forbes

(not a completely naked link. This story has been referred to in previous posts.)

 

[Rick_Head]

Sorry dallas, but a "billion dollar bank heist" is small change. Canada's largest bank's last annual profit was > $2 billion. I don't have numbers for US banks but suspect they make much more.

The loss of 6 months' worth of profits would hit share owners a bit but would no bring our economy to its knees.

 

[M Paquette]

I worry that an unholy union of ebola and bird flu will produce the ultimate computer virus that encrypts all the brokerage records everywhere unless everyone pays a ransom in bitcoins to an undisclosed account, which if unpaid within 72 hours will cause all my AAPL stock to be dumped out of ATM machines around the world in a cataclysmic apocalypse culminating with fire and brimstone coming down from the skies, rivers and seas boiling, forty years of darkness, earthquakes, volcanoes... The dead rising from the grave! Human sacrifice, dogs and cats living together... mass hysteria!

But that's just me.

 

[aja8888]

I worry that an unholy union of ebola and bird flu will produce the ultimate computer virus that encrypts all the brokerage records everywhere unless everyone pays a ransom in bitcoins to an undisclosed account, which if unpaid within 72 hours will cause all my AAPL stock to be dumped out of ATM machines around the world in a cataclysmic apocalypse culminating with fire and brimstone coming down from the skies, rivers and seas boiling, forty years of darkness, earthquakes, volcanoes... The dead rising from the grave! Human sacrifice, dogs and cats living together... mass hysteria!

But that's just me.

Just let me know ahead of this when to sell my Apple stock. Man, I don't know if I could handle dogs and cats living together, though.

 

[brewer12345]

I worry that an unholy union of ebola and bird flu will produce the ultimate computer virus that encrypts all the brokerage records everywhere unless everyone pays a ransom in bitcoins to an undisclosed account, which if unpaid within 72 hours will cause all my AAPL stock to be dumped out of ATM machines around the world in a cataclysmic apocalypse culminating with fire and brimstone coming down from the skies, rivers and seas boiling, forty years of darkness, earthquakes, volcanoes... The dead rising from the grave! Human sacrifice, dogs and cats living together... mass hysteria!

But that's just me.

I don't find this stuff to be worth worrying about personally, but is it really necessary to ridicule people who bring up legitimate concerns about low probability, but very high severity outcomes?

 

[MichaelB]

The greater risks most of us face continue to be excessive fees to financial intermediaries, and theft, not from hackers, but abusive family member.

 

[audreyh1]

People perhaps don't realize how vulnerable they are to phishing. There can be some very clever attempts.

Unfortunately organizations are being successfully targeted by these techniques. Then a lot of people can be impacted.

 

[dallas27]

The market today has any entirely different infrastructure than ten years ago. HFT, algo trading. And now dark pools (ecn's) are removing transparency from the markets while providing anonymity. I think we know very little about how this new world of finance is going to work out.


Sent from my iPhone using Early Retirement Forum

 

[harley]

Im talking about a breach that causes the company to fold, not just a few million here and there each mont

Wow, seems many of you guys believe theft is impossible. Scary.

No, merely that the type of breach you are talking about is extremely unlikely, completely beyond our ability to do anything about, and IMO just not worth worrying about. Any more than I spend time worrying about the meteor.

Anyway, assuming it's not only possible, but likely, what is the alternative? Keep your money under the mattress? I guess you could split your assets up amongst every brokerage there is in the theory that the hackers would only get one of them. Is that what you have done?

 

[MooreBonds]

I realize that there WILL be continued data breaches with various companies, and that there will at some point be a publicized incident with a large broker.

But for those that are truly staying up awake at night actively worrying about this, are you worried about other, far more likely scenarios...like, someone stealing mail from your mailbox that has your personal information on it, ranging from name, address, or even SSN? Or how about someone at your current (or former) place of work, where your SSN is in the payroll database, being hacked?

I'd like to think that companies like eTrade, Ameritrade, et. al realize that just one breach means that they lose tens of thousands of accounts (if not more), and they have to be ever-vigilant on security. Outside of that, what else are you going to do? What else can one do apart from using a dedicated password(s) for financial accounts, checking to make sure that their broker has somewhat decent security and safeguards (like making sure a bank account linked to your account has the same name, or notifying you via e-mail that a new bank account has been added to your account, etc.)? I'm willing to bet that a majority of the losses that occur to financial accounts are due to errors committed by the individual from phishing and downloading viruses. So do you have the latest virus and other security software to help reduce the chance of you getting virsuses and clicking on phishing links?

 

[harley]

I'm willing to bet that a majority of the losses that occur to financial accounts are due to errors committed by the individual from phishing and downloading viruses.

I don't disagree with your sentiment, but I think you are wrong about the majority of losses. I've been out of the biz now for a decade, but I'm pretty sure the majority of losses are still from corporate servers being hacked and personal information being stolen. Think about it...it would take a lot of viruses and phishing attacks to match a single 80 million account hack from Anthem or Target. Heck, in the old days people left laptops on the subways with huge amounts of other people's personal information on them. I suspect that still happens a lot more often than we hear about.

 

[clifp]

I personally think it is more likely than not, that sometime in the next decade, somebody will figure out how to rob a bank/brokerage for hundreds and millions and get away with it.

I imagine getting money back from most of the failed states in the Middle East would be really really hard now days.

Schwab has a $600 million dollar policy with Lloyds of London to handle the event that the SPIC limits are exceeded. The liability is limited to $150,000,000 in securities and $1,150,000, it has been difficult but so far I've managed to keep my balances below that number.

 

[gauss]

Anyway, assuming it's not only possible, but likely, what is the alternative? Keep your money under the mattress? I guess you could split your assets up amongst every brokerage there is in the theory that the hackers would only get one of them. Is that what you have done?

#1) Keeping your assets spread out over multiple institutions (not so easy with 401ks, but for IRAs and brokerages it is possible)

#2) Holding the paper version of the asset as opposed to holding in street name (assuming you can find a way to get these). If memory serves lost or stolen paper assets could be replaced for the price of a surety bond that would cost on the order of 2%.

-gauss

 

[mpeirce]

I guess you could split your assets up amongst every brokerage there is in the theory that the hackers would only get one of them. Is that what you have done?

I do this.

It's more a result of watching the 2008 financial crisis and thinking about what would happen if one of the companies experienced some problems, possibly delaying access to my assets when I want access.

I don't go over board, but by keeping assets in a few places there is less likelihood of all of them encountering problems. Of course, it does increase the likelihood that one of them might encounter problems. It also keeps more of my assets covered by the SIPC limits.

No approach is foolproof, but this is the way I chose to go.