About Us | Contact Us
View Cart

For Those of Us Who Still Question the Supplement

By Vigilize | Wednesday, December 5, 2012 - Leave a Comment

Court finds People’s United Bank security practices to be “commercially unreasonable.”

After hackers stole $300,000 from Patco Construction Company in 2009, a court has ruled that the bank’s security practices were to blame, labeling them “commercially unreasonable.” People’s United Bank will be paying Patco all the money that they lost to the hackers as well as $45,000 in interest.

During the incident, despite suspicious transactions being flagged as “high-risk” by the bank’s security system, the bank failed to contact the customer, resulting in a series of transactions over seven days. By the time Patco realized what was happening, nearly $600,000 had been transferred out of the company’s account.

This isn’t a first for this type of incident. In recent years, businesses around the country have lost millions of dollars to hackers who stole bank account credentials by infecting their computers with malware. In this specific case, an email was sent to employees who opened it and unknowingly installed the Zeus password-swiping trojan on company computers.

People’s United Bank used Jack Henry & Associates’ NetTeller as its security system at the time of the incident which offers a number of authentication options, most of which were rejected by the bank. Not only did they reject the authentication options, but they also failed to configure the system properly and failed to use it properly. The system asked users challenge questions for every transaction customers made. This security measure coupled with hackers installing keystroke-logging malware on company computers means that what the bank thought was a secure system of confirming identity is actually nonexistent. The appellate court ruled that the bank actually increased the risk of fraud by asking the security questions with every transaction.


Original article by Kim Zetter.
Read the full story here.

Latest News
      Alternatives From 2020 Conferences The 2020 Update Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . Each year as we go to various conferences throughout the Midwest ranging in scope; from small banker conferences that Dan himself moderates, to hacker conferences like Defcon.  We […]
    Another awareness poster for YOUR customers (and users).  Now that we have our own employees aware, maybe it’s time to start posting content for our customers! Download the large versions here: Awareness Poster (Portrait) Awareness Poster (Landscape)   You are welcome to print out and distribute this around your office.  
    The IBA Presents an infotex Workshop: Tech-Shop (A Virtual Workshop for Banks IT Geeks) Live Workshop Time for a workshop for the technical side of the community-bank. Time for a workshop full of command lines and configurations, acronyms we are forbidden to use around management, and even dark-web jokes. Time for a workshop where we […]
    An Analogy… …About Taking Better Notes Another one of those Dan’s New Leaf Posts, meant to inspire thought about IT Governance . . . . An interesting set of metaphors arose out of our efforts to improve our time management practices at infotex.  In the spirit of sound strategic planning, we as a team decided […]
    A Webinar-Movie In our current world of uncertainty there is at least one thing that is certain. Business needs to continue, and that means that it is important for managers to be able to meet with their team even if everyone is working remotely at this point. In this Webinar-Movie, Dan will compare virtual meeting […]