Bank Not Responsible for Letting Hackers Steal $300K From Customer

Originally posted by mishigas
But his account was being siphoned off at the rate of $100,000 per day. The bank should have red flagged this activity by day 2 and notified the customer. They were negligent in not notifying the customer earlier, imo.

Exactly. I recieve a phone call from my bank and credit cards if I make a purchase over $100.

reply to post by korathin

You have to remember that if thieves were to break into a bank's headquarters and make off with Social Security numbers and other info. And then use that information to perpetrate Identify Theft the victim can be held accountable for any debt incurred in some cases.

No way! Seriously? What, have we entered upside down land and nobody told me?

Seriously, if true, then that is the most ^%^'ed up thing in the world!

Originally posted by mishigas
Yes and no. The customer was infected with the Zeus password stealing virus, perhaps he could have been more vigilant or perhaps he has a case against his security software vendor, Norton or whomever.

While I agree in principal that bank clients should be more cautious when using any computer, given the degree of sophistication used in many of today's hacks that is a somewhat unrealistic expectation. Joe 6 pack will be too busy ensuring caps lock is not engaged versus maintaining a sterile PC environment. Many users are educated on the perils of e-mail threats but many are also unaware of different attack vectors and malware. Many legitimate sites have fallen victim to malware penetrations. 3rd party security software vendors will do their part but there may only be so much an end user can do. Ultimately it is the banks with their bloated budgets and very technical service and security offerings that need to step up and take whatever steps are necessary for their clients.

Originally posted by mishigas
But his account was being siphoned off at the rate of $100,000 per day. The bank should have red flagged this activity by day 2 and notified the customer. They were negligent in not notifying the customer earlier, imo.

Agree completely as was the case in this article. Sounds like the bank was lazy and did not perform their due diligence to provide adequate safeguards. They were probably too busy phoning customers to sign up for insurance The customer should sue them for negligence. I've had a call from Visa (I realize a separate entity but the same idea) when large purchases were made, red flags went off and they responded accordingly.

brill

It is a virtual burglary. They have security gaurds, alert buttons and safes to protect money from someone walking in and stealing, why is virtual any different?

Everyone is missing the point of this ruling...

Yes, the bank could have done more, but the security measures currently in place were unable to protect this taxpayer and thier money; Better security would have prevented this.

For example...if Obama's digital ID system was in place this person probably would not have been robbed.

See how smoothly one segues into the other?

This story is too perfect, right down to the location...honest, hard working person from Maine, just like millions of others in rural America who are also at risk if something isn't done to protect them.

reply to post by TheyWontBelieveU


Sounds made up! That sounds like a personal attack with no argument!

Message me and I'll give you the phone number to a friend of mine who's Wells Fargo account was drained for $6,300.00 by a Meth head and hear what happened, even after they caught the individual and they admitted to it.
Since I am a Wells Fargo customer also, not by choice, I personally asked the bank manager and recieved that response. Do you want her number also?

BTW, reread the article you posted it protects you ONLY IF THE BANK FAILS! Not theft. . .

As for the automated transaction movement it is just another way to bleed the public of money, slowly. $1 here, $1.50 there and god forbid you overdraft even for 1 minute, take a look at how much that costs people when it happens. And the people this happens to are usually not that rich to begin with. I have several employees that get screwed by the wonderful banks they must use all the time, that is why I only use out of necessity. I even closed my safety deposit box for a concealed home vault.
I hope those that cater to banks don't also believe the SHTF scenario because if it happens say goodbye to your money, for a bit at least. I mean really who is going to go to work that day, your teller?

Originally posted by ChaoticOrder

Originally posted by Nutter

Originally posted by brill
I feel the bank is completely at fault, its their business and service, protect it. This sets a disturbing precedent.

Damn right it does. What next? Ebay? Netflix? Gasp.......paypal?

I think this is a bit more complicated than people are making it out to be. The bank can only do so much to secure their system, but you also have to keep your passwords and pin numbers secure. You should never have such sensitive banking information stored on your computer, always write it down. You also want to make sure your computer isn't infected with keyloggers or something like that. However, some online banking login forms have a way of circumventing keyloggers.

With regards to your comment.... you say banks can only do so much, but then how can customers be ultimately responsible for somebody hacking into their own computer even though they have anti-virus and anti-malware installed??!!

It seems nowadays that banks are never at fault for their own mistakes, and we are all at fault for their mistakes as well.

Trillions in handouts and 30 grand is too much to compensate...... ridiculous!!! Banksters aren't victims, they are fraudsters exactly the same as the hackers who stole the money from his account.

Am I the only one that doesn't see an issue with this ruling? Maybe it's because I build software for a living and we (programmers) have an old saying - build something dummy-proof and they'll invent a better dummy.

reply to post by brill


Not again. Stupid banks.
Why haven't we set a day where we all just goto the bank machines and start taking all the money out of our accounts. Eventually they will give- and if it kills the economy. Burn down the banks.

Originally posted by [davinci]
Everyone is missing the point of this ruling...

Yes, the bank could have done more, but the security measures currently in place were unable to protect this taxpayer and thier money; Better security would have prevented this.

For example...if Obama's digital ID system was in place this person probably would not have been robbed.

See how smoothly one segues into the other?

This story is too perfect, right down to the location...honest, hard working person from Maine, just like millions of others in rural America who are also at risk if something isn't done to protect them.

edit on 8-6-2011 by [davinci] because: (no reason given)

Huh? If the bank knowingly acknowledges fault and it in their best interest to protect those they provide service to then the bank is at fault and should reimburse. Obviously better security would help but who's to say that extra measures could have prevented this, no one. The fact remains that the bank did not take measures to protect their client.

As for Obama's plan that is irrelevant. If you honestly believe that a government initiative such as you've described would have averted this you know very little about the network security. How many countless attempts, be it government or private sector, have failed miserably at these types of attempts. That's laughable, at best

brill

Originally posted by tribaltrip
reply to post by brill

 

Not again. Stupid banks.
Why haven't we set a day where we all just goto the bank machines and start taking all the money out of our accounts. Eventually they will give- and if it kills the economy. Burn down the banks.

You might want to check this out. Different country but .....

link

brill

reply to post by brill


I'm a Network Tech.

Re-read my post, my point is that this story will be used to help convince people that they need the digital ID system. I never said that the system would work (I've posted numerous times about what a farce the whole plan is) only that people will be sold the idea that it could have worked and therefore needs to be implemented.

This story places the blame on the weak security available/used by the customer. Read between the lines friend, the obvious next step is that there needs to be something better for the customer to rely on. Why have the banks spend money on a security system that frankly they should already have? It's easier to have a database of every single American that can be used to validate who they really are.

It seems like every day now there is a story about hackers getting acces to personal data, private corporate documents and now with this story they have gotten into bank accounts. People are being groomed to demand that something be done.

IE...Obama's ID plan or something just like it.

Terrorists brought you the TSA and the Patriot Act, hackers will bring you digital ID's.

Originally posted by THE_PROFESSIONAL
Wait a minute!! I feel really bad for the person whose money got stolen, that is totally messed up, but how is it not the bank's responsibility for a customers security?

The bank is in a contract to secure the customers money, the banks owns the point of entrance and is in the
very business of securing money, did we enter into a new dimension here?

Originally posted by [davinci]
reply to post by brill

 

It seems like every day now there is a story about hackers getting acces to personal data, private corporate documents and now with this story they have gotten into bank accounts. People are being groomed to demand that something be done.

IE...Obama's ID plan or something just like it.

Terrorists brought you the TSA and the Patriot Act, hackers will bring you digital ID's.

I won't argue that grooming of sorts is in play I just don't subscribe to the notion that it will happen. Sure it's boogeyman tactics but that's about it. I think we're on the same page though, thanks for your reply

brill

reply to post by TheyWontBelieveU

Originally posted by TheyWontBelieveU
reply to post by cdnutz44

 

You sir are incorrect.

Uh, no, I am not. Further, the account holder does not void their coverage by having more than 250K in one account, that is just the limit of their coverage. For starters, go ahead and read through the FDIC info in your link. When you have finished, come on back this way and we can have a question and answer period (you ask the questions, I will give you answers-since the other way around would be counter-productive and a waste of time.

With such incidence like this, banks should start taking steps to enhance security by offering their customers to software when it comes to their files. With our very modern technology, even robbers also have the capacity to modernize their stealth. Thus, banks should be more sure with the security and confidentiality issue of the costumers.

Maine Judge John Rich has supposedly decided that even though a financial institution allowed internet hackers to take funds from a corporate client's account, the financial institution isn't liable to reimburse the cash. The plaintiff - as reported by Magistrate Judge John Rich - should have been more careful. Judge ruled bank is not responsible for hacked accounts , personalmoneystore.com/moneyblog. Thus, they should have done a better job of protecting its bank account details.

Okay I totally hate the banking system...But..in this case it was the customer's lack of security, i.e. allowing their system to be hacked and therefore giving the thieves access to the account log in details. The bank did have a two tier security system requiring account holder details and passwords, which of course the thieves used, so the bank would be unaware that it was not the customer making the transfers. However, I do agree that the amounts at $100,000 a day should have been red flagged immediately, unless of course it was not unusual for this particular company to make transfers of those amounts on a regular basis.

If on the other hand it was the banks system that was hacked, then yes, they should have returned every penny, but it wasn't, the security breach was at the customer's end.

But overall, although I'm very tech savvy, I just don't use online banking, as I just don't trust it.

This is a dangerous precedent to set and I think a ruling like this could really open the door for massive embezzling. This ruling literally gives an out to the banks. If one were so inclined, and worked at the bank, they could easily rip off customers as long as they covered their tracks. Since the bank would share no responsibility, they surely will not go out of their way to find the source of the theft.

Furthermore, when you place your money in the bank you are doing so with the idea that the bank will protect your money. If they are not going to be held to responsible for money being stolen that is in their possession, why should people not just throw their money under their mattress? It would be much safer since the responsibility appears to be on you to watch your own money even if it is not in your possession. If it is under your mattress, you can keep a better eye on it.

The more days go by, the more banking seems to be pointless. What is the point of putting money in a bank? They take my money, they use it to make money, they do not share in their success after using my money to be successful. Then I get charged money to access my own money that they are using to make a profit. So now if that money that they are holding comes up missing, too bad? They are not responsible? Does that make sense to anyone?