Chicago Couple Discovers Retirement Account Hacked
A couple from the Chicago area logged into their retirement account only to find it had been hacked, resulting in a significant loss of their retirement savings. To make matters worse, their online brokerage’s reaction felt more like an added insult.
“Check out the 3:32 trade. I mean, that’s after the market closes, and I usually don’t trade after hours,” Erez Hartal remarked.
Tali and Erez Hartal manage an online trading account with Tastytrade, a platform often praised for its user-friendly features and excellent technical analysis. However, during the August holidays, they began receiving unexpected emails related to their account activity.
“I couldn’t believe it; I logged in and felt so frustrated,” Erez shared.
The Hartals discovered that their account had been compromised, witnessing multiple transactions they hadn’t authorized, some occurring in rapid succession.
“A lot of these trades involved buying and selling at massive losses,” Erez noted.
In a short period, the hackers caused considerable financial damage, draining around $180,000 from their accounts. Tali reflected, “This really makes me think about whether I can actually retire, and if I can, when that might be.”
The couple reported the breach to the Wilmette Police, who confirmed that the login was traced back to an IP address located in New Jersey.
Tastytrade confirmed that an “intrusion” had taken place but argued that it wasn’t their fault since the couple had opted not to enable optional two-factor authentication. “We implemented this feature to help reduce fraud risk among our customers,” an email from their fraud administrator stated.
“I get that it was an option, but it was never mandatory,” Erez pointed out.
Nicole Jiang, a cybersecurity expert and CEO of Fable Security, emphasized that two-factor or multi-factor authentication serves as a robust safeguard, ensuring users’ identities are genuine. Still, she noted that even commonly used methods, like text and email codes, can be less secure than biometric options, such as fingerprints or voice recognition.
She believes that enforcing these security measures is critical.
“I strongly encourage companies to bolster their security protocols, which I think will significantly cut down on this type of fraud,” she added.
Tastytrade has offered to reimburse half of the Hartals’ losses, but the couple feels that’s insufficient.
“If they truly believed it wasn’t their fault, they wouldn’t have offered anything,” Tali commented.
Attempts by CBS News Chicago to connect with the brokerage for clarification on the policy went unanswered.
Since the incident, the Hartals have enrolled in two-factor authentication, hoping their experience serves as a cautionary tale for others.
“I know it’s a hassle, but it’s definitely better protection,” Erez stated.
The company has indicated that the customer agreement they signed required them to “safeguard sensitive account information.” The couple is now considering legal action.
