Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Over Half a Million Bank Accounts Breached

CmdrTaco posted more than 8 years ago | from the thats-a-whole-lotta-breach dept.

Security 450

Gone Phishing writes "CNN is reporting that about 676,000 bank accounts in at least four banks (Bank of America, Wachovia, Commerce Bancorp, and PNC Financial Services) have had personal information "illegally sold". Over 60,000 customers have been notified so far."

Sorry! There are no comments related to the filter you selected.

Hmm... (0, Redundant)

ZakuSage (874456) | more than 8 years ago | (#12615951)

I wonder if they're running windows...

Didn't matter, it was an inside job (2, Interesting)

varmittang (849469) | more than 8 years ago | (#12616016)

"The case has led to criminal charges against nine people, including seven bank employees and alleged ring leader Orazio Lembo, who operated DRL Associates, a company that advertised as a skip-and-trace collection agency."

Re:Hmm... (1)

ZerocarboN (415676) | more than 8 years ago | (#12616062)

of course?!?!

Stolen Account Information and Dupes (5, Funny)

ari_j (90255) | more than 8 years ago | (#12615958)

Oftentimes, I'll complain about Slashdot dupes. Why can't this be one of those times?

Re:Stolen Account Information and Dupes (5, Insightful)

NoTalentAssClown (623508) | more than 8 years ago | (#12616136)

Great. So far this year I've received a letter from from LexisNexis and Choice Point. When my identity was stolen at the beginning of the year I thought "How could this happen? I have been so careful with my information." Apparently is doesn't matter how careful *I* am when everyone else just seems to be giving it away. Something has to be done to punish these people other than sending me a letter with how to PAY someone to watch my credit and alert me to "changes".

US data protection act? (4, Informative)

Colin Smith (2679) | more than 8 years ago | (#12615962)

Isn't there a US equivalent of the Data Protection Act?

http://www.opsi.gov.uk/acts/acts1998/19980029.htmh ttp://www.opsi.gov.uk/acts/acts1998/19980029.htm [opsi.gov.uk]

A few holes, especially principle eight, but overall it does what it's supposed to.

Re:US data protection act? (4, Interesting)

jd (1658) | more than 8 years ago | (#12616042)

Not exactly. In fact, so not exactly that Europe has repeatedly warned the US that it is technically illegal for European companies to trade personal data with the US, due to a total lack of any privacy law.


The closest the US has is the DCMA, which prohibits the reverse-engineering of encrypted data for the purpose of copying it, which essentially makes it a crime to steal encrypted personal data, but I've yet to hear of anyone actually prosecuted this way and it is extremely unlikely to ever happen.


Largely because commercial companies often don't encrypt personal data for customers.

Re:US data protection act? (1)

caluml (551744) | more than 8 years ago | (#12616284)

the DCMA, which prohibits the reverse-engineering of encrypted data

I thought it was encrypted copyrighted data. (IANAL)

Laws are reactionary (3, Insightful)

paranode (671698) | more than 8 years ago | (#12616057)

If an individual or group intentionally leaked or sold this information it is most certainly a crime. Laws are a punishment, not a absolute way to prevent crimes. If the perpetrator is convinced they can get away with this and profit from it, then they are not going to be worried about the fine print of the numerous laws they are breaking.

The DPA requires a proactive approach (2, Informative)

Colin Smith (2679) | more than 8 years ago | (#12616268)

Companies are required to put "technical and organisational measures" in place to protect data.

If you can read legalese. The principles:
http://www.opsi.gov.uk/acts/acts1998/80029--l.htm# sch1ptI [opsi.gov.uk]

Course, I'm not entirely sure how big the teeth are.

Re:US data protection act? (1)

joshdick (619079) | more than 8 years ago | (#12616064)

No, but we sorely need one, obviously.

Congress recently began hearings to look into this matter but have yet to pass any legislation.

Wow, your country must be great. (5, Insightful)

bigtallmofo (695287) | more than 8 years ago | (#12616077)

Based on forensic examination of Lembo's computers, it was determined that he had employed upper-level bank employees to access and identify individual accounts in their respective banks," the police statement said.

It doesn't matter what laws you enact. If you RTFA, you'll see that this was an inside job done by corrupt upper-level employees. Setting aside security-Utopia for a second, at some point you have to trust your own employees, especially "upper level" ones. When that trust turns out to be misplaced, there's not a lot one can do to prevent malfeasance.

Re:Wow, your country must be great. (2, Insightful)

CarrionBird (589738) | more than 8 years ago | (#12616208)

True, but you can make the companies who have the DBs liable for some the damage they cause. (but not take away from the liability of the actual thief at all)

Re:US data protection act? (2, Insightful)

Daedala (819156) | more than 8 years ago | (#12616080)

In a word, no.

We have several laws that apply to personal data. There are gaps you can drive a truck through, and the industry has spent decades doing just that. (I particularly like the part about how the laws specify that they only apply to "authorized uses" of personal data--so if it's not an authorized use, you can do anything. No, I'm not kidding.)

Re:US data protection act? (1)

Pakaran2 (138209) | more than 8 years ago | (#12616128)

Including transfer zillions of dollars overseas? As long as it's unauthorized? It's a wonder that anyone here in the US still has any money in the bank if that's the case.

Re:US data protection act? (3, Informative)

neverkevin (601884) | more than 8 years ago | (#12616099)

I don't know if the US government has any specific policies reguarding PPI and financial data, but the HHS has HIPAA http://www.hhs.gov/ocr/hipaa/ [hhs.gov] for personal medical data. The state of California has SB1386 to protect Californians personal financial data. However, neither go far enough and I am supprised more incidents are not made public. I suspect there are many more security breaches that companies are quiet.

Informative my ass (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#12616108)

A totally off-topic Troll post linking to a broken link gets modded "Informative".

Mods, your stupidity has outdone itself. Anyone that modded this Informative should revoke said moderation by posting in response to it. In said post, please post how you regret your idiotic moderating.

For Banks, we do (3, Informative)

TykeClone (668449) | more than 8 years ago | (#12616180)

It's called the Gramm-Leach-Bliley act.

It has two purposes - the first purpose is to have financial institutions adopt measures to protect consumer data. The second purpose is to add a great deal of paperwork and extra compliance steps that bank staff must accomplish without adding any extra safety to the information.

I believe that in health care, HIPPA or HIPAA (which ever one it was!) accomplished much the same thing.

Re:US data protection act? (0)

Anonymous Coward | more than 8 years ago | (#12616227)

Short answer: NO.

Long Answer: Government serves the corporations. An equivalent act would serve the people. Once it was decided that corporations had rights in the good Ole USofA they could start to vote with their money.

Re:US data protection act? (2, Informative)

reallocate (142797) | more than 8 years ago | (#12616271)

I don't know, but this could just as easily happened in the UK. Bank employees knowingly sold the data. The staff at your local Barclays could do the same thing, too.

Two points to remember: 1. No law (and there are laws against this in the U.S.) will prevent crime if the criminal believes he can get away with it; 2. The only techbical aspect of this crime is the way the data were stored. The same crime could have occured in 1905, except the info would have been passed in ledger books.

Hmmmm (1, Funny)

Anonymous Coward | more than 8 years ago | (#12615969)

Checks bank account...

shit!

This could get ugly (5, Insightful)

kcornia (152859) | more than 8 years ago | (#12615973)

I'm sure the answer will be higher fees though, so in the long run the banks will be fine.

Hmm (0)

Anonymous Coward | more than 8 years ago | (#12616098)

If your bank still charges you fees then you need to switch banks.

Are you also worried there won't be enough tellers for you after you wait in line for an hour to withdraw five dollars for lunch?

Re:This could get ugly (1)

ultimabaka (864222) | more than 8 years ago | (#12616189)

Higher than zero would be something I would notice. At least for myself (as a Commerce account holder with a sizable amount of money in my account), this (a) scares the bejesus outta me, and (b) could not justifiably allow for an increase in fees beyond the zero I'm currently paying for them. And if there's any more left in my account after this (:\) I'll happily switch banks if they try to use this as an excuse to boost fees.

Oh... (0)

Anonymous Coward | more than 8 years ago | (#12615974)

Oh.... I'm screwed.

My account is safe. (5, Funny)

mrcrowbar (821370) | more than 8 years ago | (#12615975)

Fortunately, my account should be safe. I got a email from Bank of America telling me about their problem, and I filled out their form to resecure my account. Such at great company to take care of their customers like that!

Re:My account is safe. (2, Interesting)

shawn(at)fsu (447153) | more than 8 years ago | (#12616009)

lol

The sad thing is this weekend I got two of those emails from differnt 'banks'. I wonder how many people fall for them. I actually tried to contact the real bank of the first email but their contact us page was impossible so there wasn't anything I could do.

Re:My account is safe. (1)

bahwi (43111) | more than 8 years ago | (#12616093)

I wonder if people ever get those phising notices for banks that are actually fake and involved in escrow scams.

Re:My account is safe. (1)

Naikrovek (667) | more than 8 years ago | (#12616095)

I get about two dozen of these a week from places purporting to be eBay and PayPal, as well as several banks.

I can't even begin to wonder how many have fallen for these scams. its a damn shame.

Re:My account is safe. (-1)

Anonymous Coward | more than 8 years ago | (#12616010)

Um, are you sure it was the bank that contacted you? Sounds like a SPAM scam to me. . .

Re:My account is safe. (-1)

Anonymous Coward | more than 8 years ago | (#12616050)

I think it was probably real. I got one of them too. I sure am glad I filled it out before anybody was able to use my information somewhere else.

Re:My account is safe. (-1, Offtopic)

william.gunn (864377) | more than 8 years ago | (#12616070)

hence the +4 funny rating on his comment.

Re:My account is safe. (1)

WickedClean (230550) | more than 8 years ago | (#12616086)

Were you sure to give them your ATM Pin number, because that is always an important part of account verification, you know? Especially for AOL and PayPal users.

Old Story..... (1, Informative)

Anonymous Coward | more than 8 years ago | (#12615976)

I read about this a month ago, in a letter from Bank of America.

No, realy...

Re:Old Story..... (1, Informative)

Anonymous Coward | more than 8 years ago | (#12616125)

No, see this is a seperate incident. It happened AGAIN.

Opting Out of 3rd Party Information Sharing (2, Funny)

Anonymous Coward | more than 8 years ago | (#12615980)

Good thing i've opted out of having my bank share information with other parties. Opting out of information sharing is a wise thing for everyone to do.

Re:Opting Out of 3rd Party Information Sharing (2, Interesting)

flynns (639641) | more than 8 years ago | (#12616215)

I'm not quite sure you understand. It was ILLEGALLY sold. Without the permission of the account holder. Meaning that whatever you SAID you didn't sold...doesn't matter.

The bigger they are... (5, Interesting)

creimer (824291) | more than 8 years ago | (#12615984)

This is why I switched to a local credit union a few years ago. Seems like the bigger the bank, the bigger the security breach. Worse... they nickel-and-dime you on everything else.

Re:The bigger they are... (1)

rpillala (583965) | more than 8 years ago | (#12616119)

I don't see anything about it at wikipedia but it was my understanding of credit unions that they do rely on banks for certain things. In that case, are credit unions as a whole exposed to this problem? Can anyone clarify?

http://en.wikipedia.org/wiki/Credit_union

Re:The bigger they are... (1)

TykeClone (668449) | more than 8 years ago | (#12616242)

They are by law supposed to be barred from commercial accounts (I believe) - Credit Unions are supposed to be financial institutions for people of modest means bound by a common bond and because of that are tax exempt and much less stringently regulated than banks.

So some services are supposedly barred from being offered by credit unions, but for consumers they should be fine.

Jesus. Move to Cuba. (-1, Flamebait)

Anonymous Coward | more than 8 years ago | (#12616318)

Why the fuck would you look in wikipedia? Jesus. Move to Cuba.

Re:The bigger they are... (0)

Anonymous Coward | more than 8 years ago | (#12616137)

Weird, last time I checked it was still those local banks that charged you for ATMs, checks, account maintenance fees, etc. They also tend not to have online access, but of course I guess you'd see that as a good thing.

Re:The bigger they are... (2, Interesting)

creimer (824291) | more than 8 years ago | (#12616218)

Why don't you check out my credit union [keypointcu.com] before jumping to conclusion. Credit union ATMs are free, I usually buy my checks from an independent check printer, my checking account is free with direct deposit and they pay interest on the balance. Oh, yeah, since this credit union is located in Silicon Valley, they do have online access. :P

Re:The bigger they are... (2, Informative)

crow (16139) | more than 8 years ago | (#12616220)

In Massachusetts, there are essentially two ATM networks, and you pay a fee if you use the wrong one.

There's the Bank Boston/Fleet/Bank of America network, and there's the SUM network that almost everyone else has joined.

In my case, my credit union doesn't charge fees for much of anything, and I can avoid ATM fees by avoiding the Bank of America ATMs.

Re:The bigger they are... (1)

booyah (28487) | more than 8 years ago | (#12616156)

funny you should say that,

http://www.umcu.org/

right on the front page of the university of michigan credit union

Member Alert - Phishing Scam
Some of our members have received a fraudulent email from a source pretending to be University of Michigan Credit Union. In this email you are asked to click on a link to provide personal information to "confirm your identity." THIS EMAIL IS NOT FROM YOUR CREDIT UNION. WE WOULD NEVER ASK YOU TO CONFIRM YOUR IDENTITY IN THIS MANNER. Please delete the fraudulent email. If you did click on the link and have entered any personal information, please call us immediately.

Re:The bigger they are... (1)

creimer (824291) | more than 8 years ago | (#12616281)

Everyone and their dogs get emails like that about any bank or credit union. The problems with the big banks losing customer records are due to internal controls (or lack thereof).

Re:The bigger they are... (1)

MarkGriz (520778) | more than 8 years ago | (#12616297)

This is why I switched to a local credit union a few years ago. Seems like the bigger the bank, the bigger the security breach. Worse... they nickel-and-dime you on everything else.

Credit unions are no panacea [msn.com]

Of course, with a building looking like that, and the name "Need Action Credit Union", maybe nobody should be all that surprised.

Re:The bigger they are... (2, Interesting)

utexaspunk (527541) | more than 8 years ago | (#12616298)

Don't count on it. Credit Unions often outsource a lot of their operations to third-party groups to save on costs. Of course, the way the laws work, one doesn't often have to tell the customer that they are dealing with a third party.

I used to work for a collection agency that specifically did third-party collections for credit unions across the country. We just had an 800 number for each credit union, and we'd answer with the name of the CU depending on which line rang. Same with sending out letters- just change the letterhead accordingly.

If your CU is dealing with the kind of numbskulls I worked with, your data is probably just as insecure if not moreso than if it were with a big bank.

I've been using Washington Mutual for about a year now, and haven't been nickled-and-dimed on anything, and have been really happy with their service. Of course, I'm sure someone will now reply with their WaMu horror story...

Gee how informative (2, Insightful)

tofucubes (869110) | more than 8 years ago | (#12615993)

I'm glad to know that about 1 in 10 people were notified
I have a feeling that most people's social security numbers have been harvested by people who shouldn't have them

I am NOT a script. (-1, Offtopic)

Anonymous Coward | more than 8 years ago | (#12615994)

I am NOT a script. z
Iz amz NzOT a szcript. z
I am NzOT a script.
Iz azm NOT a scrzipt.
I am NOT a sczript.
zI am NOzT a scrzipt.
I azm NOT a sczripzt.

Just kidding, I'm really a script.

Say, give me some CPU.

Native Americans: An Absurd Liberal Myth (-1, Flamebait)

Anonymous Coward | more than 8 years ago | (#12615999)

One of the greatest lies that historians have ever told is that the continent that we now refer to as North America was inhabited by "native peoples" at the time of its discovery by Columbus. This, as true history has shown, is sheer poppycock; it is a nefarious fantasy concocted in the minds of those who wish to control our collective destinies. Not only are there no contemporary documents that support the existence of these fantasy "natives", the people who are responsible for inventing them have never been particularly secretive about their true motives.

It is interesting to note that in the late 1950s, no American (indeed, no person) had ever even heard of these so-called "native Americans." But then, in the 1960s, stories of them suddenly started appearing seemingly from nowhere. Your next-door neighbor started relating stories from his great-grandmother about "Injun attacks." Schoolchildren started to get educated about the different "tribes" and "nations" of these people, and yet not one parent demanded to see evidence of their existence.

Our children were taught stories about how the great white pioneers of this nation supposedly plundered these peoples and took their land from them, and our children felt ashamed. Of course they felt ashamed! That's the whole reason these fantasy "native Americans" exist! They were invented by radical leftist agitators at Berkeley in the early 1960s. The primary purpose that these mythical "Indians" serve is to instill false guilt in white people. They exist to make the Chosen People of this land feel badly about their own history and heritage, and that is a thought crime.

Liberalism is about (first and foremost) the hatred of self and love of collective. To that end, this nation's leftists felt it necessary to invent an entire imaginary race of people that were "pillaged" by this continent's Anglo-Saxon discoverers. The goal: to make this nation's guardians hate themselves and their heritage, and be sympathetic to that which is alien and unacceptable.

The truth, of course, is that none of these stories has the least bit of credibility; despite repeated requests from the conservative community, liberals have been unable to produce a single "native American." And so we must file this lie in the same trash dumpster as the (extremely overexaggerated) stories of so-called "slavery" of the 1800s. Patriots must constantly guard their country from its enemies, and we must realize that more today than ever before, its enemies are more likely to attack from within.

Re:Native Americans: An Absurd Liberal Myth (0)

Anonymous Coward | more than 8 years ago | (#12616278)

They were invented by radical leftist agitators at Berkeley in the early 1960s

Tell it to Chief Thundercloud [imdb.com] .

Heh (-1, Redundant)

Anonymous Coward | more than 8 years ago | (#12616002)

I can see the email now:

"Hi, we need for to verify security on your account. Please visit web site (URL address) and verify your PIN number and account information."

"Hey, wonder why noone's responding to our urgent email?"

OMG (1)

rkv (852317) | more than 8 years ago | (#12616004)

OMG i have to go and check and my bank account fast. i feel so violated! so much for piracy. bet they were running windows :angry:.

Walkoverya is busted omg (0)

ACK!! (10229) | more than 8 years ago | (#12616007)

Time to switch banks.

Crap. I use them.

Man, with inside hack jobs it does not what you are running or what you do, somehow you can still end up getting screwed.

Yikes!!!

Human check (-1)

Anonymous Coward | more than 8 years ago | (#12616013)

Just checking to see if I am human.

Sold? (1)

Zeroblitzt (871307) | more than 8 years ago | (#12616021)

Funny how selling bank account information illegally makes money that you'll just have to put back into the bank. Or maybe not.

What will it take? (-1, Flamebait)

Anonymous Coward | more than 8 years ago | (#12616026)

I think that there should start being class action lawsuits because banks aren't protecting our data well at all. It shouldn't be that easy for employees to grab hundreds of thousands of customer records and sell them.

Oops, I forgot Bush ruined class action lawsuits by forcing them to be in federal courts, which are more friendly to businesses.

I know, let's pass legislation!

Oops, I forgot our legislature is too busy removing checks and balances (Senate) and debating corrupt members (House) to get anything else done.

Maybe China should just stop buying our debt and put us out of our misery. Our country is becoming so corrupt. :(

I know what we can do! (0, Funny)

Anonymous Coward | more than 8 years ago | (#12616176)

Let's make up a "Troll" moderation so that people who post off-tropic tripe to rant about inflammatory political issues can be modded down.

On second thought, let's just mod them Informative.

Re:I know what we can do! (0)

Anonymous Coward | more than 8 years ago | (#12616286)

I think it was quite on-topic when I posted it.

I was trying to type possible solutions to this problem, and each one I came up with had a problem.

Our government is totally messed up right now. Partisan bickering, massive corruption, business-friendly laws being passed right and left. If our credit is ruined from these thefts of our banking and personal information, we can't even use bankruptcy to escape all of the debt racked up on us because a law was passed that made bankruptcy useless.

So I think I had an on-topic post. Post some ideas of your own for solutions and see how many are even possible now.

Banks ? Secure institutions? (0, Troll)

guildsolutions (707603) | more than 8 years ago | (#12616028)

Our banks are supposed to be some of the most secure instituions available to us. I wonder if they will reverse the charge on my credit card if I claim I didnt make it and it was caused by my personal information being breeched...

Conflict of interest (5, Interesting)

whysanity (231556) | more than 8 years ago | (#12616032)

Customer account numbers and balances were allegedly sold to a man who then sold the information to collection agencies, the Hackensack police department said in a statement. Reuters reports that the information has not been found to have been used in any identity theft schemes.

/snip/

The case has led to criminal charges against nine people, including seven bank employees and alleged ring leader Orazio Lembo, who operated DRL Associates, a company that advertised as a skip-and-trace collection agency.


Hmmm... working for a bank and a "collection agency". Sounds like a conflict of interest banks might want to look out for and possibly stipulate that working for a collection agency is not permitted while working for a financial institution.

Information wants to be FREE!! (-1, Troll)

Anonymous Coward | more than 8 years ago | (#12616039)

0mg th3y must be running W1nbl0wz! lolz!!!!!111one

Bank of America is procative (0, Redundant)

doyle.jack (836744) | more than 8 years ago | (#12616041)

I got an email the other day asking for my card numbers, pin numbers, social security number, etc. so that they could verify that my information had not been compromised.

I'm sure glad I took the time to fill all of that out.

Re:Bank of America is procative (1)

twd (167101) | more than 8 years ago | (#12616222)

Does "procative" mean running the cat command before it's needed?

Hackensack? (5, Funny)

screwballicus (313964) | more than 8 years ago | (#12616047)

The data-theft ring may have perpetrated the nation's largest ever banking security breach, a Hackensack, N.J., police statement quoted a Treasury Department representative as saying.

I only hope that Hackensack don't lack the knack to track this crack attack.

Re:Hackensack? (0)

P3NIS_CLEAVER (860022) | more than 8 years ago | (#12616126)

thank you for ruining my day.

Re:Hackensack? (2, Funny)

Reorax (629666) | more than 8 years ago | (#12616229)

That is WHACK!

What about the agencies? Will they face charges? (4, Insightful)

stomv (80392) | more than 8 years ago | (#12616053)

So, the people at the banks will face charges, as will the Lembo, the "mastermind".

But, what about the 40 collection agencies and law firms? Will they face civil charges? Criminal charges? Both? Surely they knew they were up to no good, and they were the ones funding the information theft in the first place -- all so that they could illegally harass debtors.

Will the Feds follow the money?

Re:What about the agencies? Will they face charges (1)

Mille Mots (865955) | more than 8 years ago | (#12616264)

Will the Feds follow the money? The Fed's *are* the money, so in short, 'No.' (note: I'm well aware that the Federal Reserve is neither)

Screw identity theft... (4, Interesting)

Racter (804902) | more than 8 years ago | (#12616055)

...do the police intend to track down the information to and "reclaim" it from the collection agencies, advertisers, etc.?

Does this mean... (1)

hoovernj (827158) | more than 8 years ago | (#12616058)

I guess the hackers (or crackers if you'd rather) dared to dream? [wachovia.com]

after reading article (4, Informative)

tofucubes (869110) | more than 8 years ago | (#12616069)

according to the article at least 108000 customers were notified that's about a fifth

Bank of America (up $0.10 to $46.67, Research), the nation's No. 2 bank, has notified 60,000 customers of the problem. Wachovia (Research) has notified 48,000 customers.

Makes you wonder (2, Insightful)

TykeClone (668449) | more than 8 years ago | (#12616104)

why so many people use the largest of the nation's banks. They aren't inherently more secure than smaller banks and are larger targets because of the number of customers that they have.

There are several thousand smaller banks in the United States and many smaller banks have lower fees than those giants and a customer actually means something to those banks.

Re:Makes you wonder (2, Insightful)

LoverOfJoy (820058) | more than 8 years ago | (#12616319)

Because their ATM machines are everywhere? I like my local credit union and they are generally good about fees but when I'm out of town and need to use an ATM I get jacked with fees from both the ATM and my credit union.

Re:Makes you wonder (1, Flamebait)

mOoZik (698544) | more than 8 years ago | (#12616324)

Because the bigger banks offer me services that others probably would not be able to. For example, on-line bill paying. For example, 24/7 customer support. For example, an anti-fraud team that helped to rid $600 of fake charges from my account in ONE day after ONE call. For example, branches just about everywhere you go. For example, even with FDIC, knowing your bank is not going to close for whatever reason. For example, knowing that even with such breaches of security, they are a thousand times better than smaller banks. Hey, guess what? That's the same reason I use Windows XP instead of Linux.

Most Banks have poor IT. (-1, Troll)

jellomizer (103300) | more than 8 years ago | (#12616107)

Many times it is not nessarly their fault. The speed that banks buy each other out and inherating different banking software which may be incompatible with each other creates a very difficult It to manage. Combined with they fact that most Online Banking Websites use IIS 4.0 Which means they are probably running NT or 2000. Makes a ripe breading grown for this type of stuff.

Re:Most Banks have poor IT. (0)

donnyspi (701349) | more than 8 years ago | (#12616165)

And by "breading grown" I assume you mean "breeding ground"

Be thankful. (4, Informative)

jd (1658) | more than 8 years ago | (#12616116)

It is only very recently that States - like California - require the publishing (even to victims) of this kind of information. Had this happened even a few years back, we'd be none the wiser until we'd all been ripped, and even then the banks would likely claim innocence.


(Those from the UK may recall the curious scandal of "Phantom Withdrawls" from ATM machines, where mysterious, large withdrawls were taking place, even though nobody was apparently present to make those withdrawls. It was unimaginably difficult to prove the vitim was a victim, and even then it was next to impossible to get the bank to repay the money.)

bank of america link (1)

rogueuk (245470) | more than 8 years ago | (#12616118)

Why is there no link to Bank Of America [bankofamerica.com] in the summary?

USAA (1)

SCHecklerX (229973) | more than 8 years ago | (#12616131)

I sure am glad that I did *some* time in the service. One would hope that this type of thing wouldn't happen with a bank that serves the armed forces.

Re:USAA (0)

Anonymous Coward | more than 8 years ago | (#12616276)

Where do you think the govt credit cards which are mandatory for use on govt travel are issued from?

in other news... (0)

Anonymous Coward | more than 8 years ago | (#12616138)

"BitTorrent is responsible for this terrible identity theft.
We have information that the same individuals who leaked Mr. Lucas' new Star Wars movie, is also responsible for this round of identity theft.
Mr. and Mrs. BitTorrent have failed to respond to our communications, thereby proving their guilt in this matter."
--MPAA Spokesperson

Jail teh BitTorrent!!!

check your accounts (4, Informative)

lambent (234167) | more than 8 years ago | (#12616144)

/me scans article ... wachovia, pennsylvania ... shit.

Wachovia says that they sent out letters to everyone they know to be affected. My mail service is spotty at times, so I gave them a call. 1-800-WACHOVIA (1-800-922-4684). Just keep pressing 0 till you get an operator. Their customer service workers were able to tell me over the phone if my account was compromised. It's not. w00t! Took them about five minutes, but I think everyone should double check.

whew (5, Funny)

Himring (646324) | more than 8 years ago | (#12616152)

Luckily, I don't use banks. I keep all my money in a thermos under a combination lock. I then tether the combination to a string in a mylor bag and swallow it tying it off on a rigged bicuspid that will send a charge to the bag signaling an incendiary device which will destroy the note unless the tooth is first properly removed. But the bicuspid is fake -- threaded backwards with a one-way screw head. Of course, an anal probe might easily by-pass the oral security, but I recently had my sphincter sewn shut and I only consume nutrient drinks which, by chance, I keep in the thermos....

Stop using big banks (4, Interesting)

Figz (217203) | more than 8 years ago | (#12616153)

My bank offers:

1. Higher interest rates
2. Interest-bearing checking accounts
3. No fees ever
4. Free online billpay
5. ATM fee refunds (since they don't have their own ATMs)
6. Postage paid envelopes for deposits
7. 24/7 Customer Service with almost 0 hold time
8. No BS

I switched to an internet bank a long time ago and I'll never look back. But I'm not going to tell you what the bank is because I don't want it to turn into a "big bank". Go find your own.

Re:Stop using big banks (1)

Pakaran2 (138209) | more than 8 years ago | (#12616191)

I wonder about those online banks though... are they insured, or are they located in some island nation of a few hundred people where the local police won't care when the bank shuts down and pockets all the money?

10 is a good start (4, Interesting)

Nom du Keyboard (633989) | more than 8 years ago | (#12616170)

Account information on the customers was illegally sold by bank employees to a man identified as Orazio Lembo

Everyone involved in this should be in jail Now! Ten years apiece is a good start.

And I don't mean Club Fed either.

I'm really getting sick of this... (2, Insightful)

johndierks (784521) | more than 8 years ago | (#12616172)

I really feel like that these security breaches are criminal negligence. So far it's been 'All of our customer info has been stolen, we're really sorry."

Holders of mass amounts of critical info need to learn that if they lose it, or mismanage it, that they will be held liable for hundred of millions of dollars in civil penalties, and years in prison for the most egregious cases of negligence.

No problems here... (1)

PenguinBoyDave (806137) | more than 8 years ago | (#12616174)

I use a small, regional Credit Union. I had nothing but trouble when I was with Bank of America and Sun Trust (system outages, errors in reporting, etc.) and now this. I think using smaller credit unions or regional banks, while limiting in some cases, is better, because they don't get so big that they forget who their customers really are.

Can I sell my info before someone else does? (4, Funny)

loggia (309962) | more than 8 years ago | (#12616216)

How much are these guys getting?

Like, can I sell my personal information before someone else does?

Oh no! Not the Band of America, Wachovie, others.. (0)

bannerman (60282) | more than 8 years ago | (#12616226)

How could they! Somebody must think of the children.

It will only get worse (4, Insightful)

Amoeba (55277) | more than 8 years ago | (#12616234)

This is similar to the Choicepoint breach where account information was sold to an illegitimate company posing as a real customer. The main difference here is that there were "inside guys" who knew the selling of the data was to a bogus firm. What I find most interesting is that the main clients that the perpetrator (Orazio Lembo) sold to were.. wait for it... law firms and collection agencies! Talk about a vicious hive of scum and villiany.

I say it will only get worse because the Sarbanes-Oxley Act is coming into effect which requires companies to put into place access controls to monitor/audit who has access to what information (among other things). The SOX, in conjunction with the Gramm-Leach-Bliley Act are forcing corporations to get their financial house in order in such a way that this type of malfeasance is getting much harder to hide. Expect to see more of the same for quite some time.

While I think it's nice that these laws are having their desired effect I still envy those wacky europeans and their data protection laws.

Amoeba

Glad I opened a new account (2, Interesting)

Pedrito (94783) | more than 8 years ago | (#12616243)

I have an account with Wachovia. About 6 months ago, I started putting rather significant sums in it. Enough that were the account to get robbed, I'd be seriously upset. What concerned me at the time was that I had used my check card for online transactions, though.

The thought that someone could wipe me out financially by cracking an online system got me worried enough that I opened a checking account at a local bank where I now keep a majority of my funds. I move enough into the Wachovia account for paying bills and stuff that are connected to it, but there's never enough in there to completely wipe me out anymore.

And obviously, with the new bank, I won't be using the check card online. It looks like mine wasn't affected and it doesn't look like the account info was being used for robbery, I still feel more secure with the new account.

Just called BofA.... (1)

tloh (451585) | more than 8 years ago | (#12616244)

I was just told that because I live in California and opened my account in this state, my account information should not be affected by a breach in New Jersey, where the incident occured. Can anyone corroborate this?

Re:Just called BofA.... (2, Informative)

CarrionBird (589738) | more than 8 years ago | (#12616305)

Lol, I can corroborate that BofA is feeding you a load of crap. These types don't admit anything they don't ABSOLUTELY have too.

Time to sue these companies out of existence! (0)

Anonymous Coward | more than 8 years ago | (#12616269)

This is ridiculous, there is another story of 500,000+ people's data being stolen. How many have to happen before my institution is affected.

So I Log on to Wachovia's Site and See This... (2, Funny)

judmarc (649183) | more than 8 years ago | (#12616289)

Customer Protection

Guard yourself against fraud and identity theft. Wachovia provides the highest levels of protection and stands ready to assist you should you become a victim.

Irony, anyone?

Credit Unions (1)

Clay Pigeon -TPF-VS- (624050) | more than 8 years ago | (#12616299)

And this is why I keep all my money in a credit union. CU's are generally too small for this sort of thing to happen, and you get better rates with them as well (generally speaking).

Go after the "clients" too (1)

Wansu (846) | more than 8 years ago | (#12616325)


"That information was then sold to his clients, which included more than 40 law firms and collection agencies."

I don't know whether the 40 law firms and collection agencies are criminally liable but if they ain't, they oughta be. An example should be made of them. Yes, those taking the data bear the brunt of the blame but the ones purchasing it have some culpability too.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?