FBI checking theft of Dain clients' data

September 28, 2005

By Thomas Lee, Star Tribune

http://www.startribune.com/stories/535/5638740.html



The FBI has opened an investigation into the possible theft of personal information about some clients of RBC Dain Rauscher Inc.

The chief executive of the Minneapolis-based brokerage firm disclosed the problem in a letter sent to 300,000 households. Dain Rauscher has not yet detected any fraudulent activity in their accounts, according to the letter from Dain head John Taft.

"While we have no information to believe that your personal information has been compromised in any way, we are treating this as a serious situation," Taft wrote.

FBI agent Paul McCabe said the agency does not know how many accounts might be affected.

Dan Callahan, a Dain Rauscher spokesman, said some clients have received anonymous letters sent last week by someone claiming to be a former Dain employee. The letter, received by a seemingly random group of more than 100 account holders, contained each recipient's name, address, tax identification number, birthdate and Dain Rauscher account number.

The Star Tribune obtained a copy of the profanity-laced letter, whose author said he was seeking revenge on Dain Rauscher because the company fired him.

The writer claims to have been able to copy information from "thousands" of accounts because Dain Rauscher did not remove his password from a mainframe computer. He claims to have sold the information to an unidentified buyer.

"It is Dain Rauscher's [mistake] that I did this so blame them," the letter says. "Call a TV station, ask them to call Dain and find out how the idiots are going to fix this."

Callahan said the company, which like other brokerage houses has experienced heavy turnover in recent years, routinely changes passwords when an employee leaves the firm. Nevertheless, Dain is reviewing its security procedures and has hired an outside firm that specializes in identity theft.

"We are a victim, just like our clients," Callahan said. "We take their protection very seriously."

The company is asking people who receive the letter to contact Dain immediately. Callahan said that customers should place the letter in a plastic bag because it might contain fingerprints. The company is turning the letters over to the FBI.

McCabe declined to comment further except to say that the FBI is "vigorously" pursuing the case.

The incident is the latest case involving the potential theft of personal information from financial institutions such as banks and credit-card companies.

In February, MasterCard International Inc. said a computer hacker may have accessed personal information of as many as 40 million credit card holders. And late last year, Wells Fargo & Co. said four laptop computers were stolen from an Atlanta company that prints loan statements. The computers contained names, addresses and Social Security numbers of an undisclosed number of customers who have mortgages and student loans with the bank.

[an error occurred while processing this directive]