Bank, customer settle suit over $800,000 cybertheft

PlainsCapital Bank sued Hillary Machinery after the latter's account was depleted by online thieves

By , Computerworld |  Security, cybersecurity

An unusual legal dispute between a Texas bank and a business customer over the online theft of more than $800,000 from the latter's account at the bank has been quietly settled.

Lubbock, Texas-based PlainsCapital Bank earlier this year sued Hillary Machinery Inc. after cybercrooks broke into Hillary's PlainsCapital accounts and wire-transferred about $801,000 to various bank in Europe.

About $600,000 of that amount was later recovered by the bank. In a letter to the bank, Plano, Texas-based Hillary demanded that PlainsCapital repay it the rest of the stolen money. In a letter to the bank in December, the distributor of machine tools contended that the theft occurred because PlainsCapital failed to implement adequate security measures.

PlainsCapital promptly sued the company, arguing that its security procedures were "commercially reasonable" and that it that it had made every effort to recover the stolen money.

Hillary filed a countersuit against the bank for not doing enough to protect customer accounts.

The two sides agreed late last week to settle the case, just days after a federal court in Texas rejected motions by PlainsCapital to compel arbitration of the dispute. Troy Owen, Hillary's vice president of sales and marketing, confirmed the agreement but refused to disclose details, citing confidentiality agreements. John Floeter, a spokesman for PlainsCapital, also confirmed the settlement and declined to comment further.

The settlement brings to an end a case that had attracted considerable attention. PlainsCapital's lawsuit against Hillary was believed to be the first time that a bank preemptively sued a customer that had been victimized by a cybertheft.

In the lawsuit, filed in U.S. District Court for the Eastern District of Texas, PlainsCapital argued that it had made every effort to recover the stolen money and claimed that the unauthorized wire transfer orders had been placed by someone using valid Internet banking credentials belonging to Hillary Machinery. The bank claimed that it had accepted the wire transfer requests in good faith.

PlainsCapital's lawsuit named Hillary as the defendant, but did not accuse the company of any wrongdoing. Instead, it asked the court to certify that reasonable computer security measures were in place when the breach occurred.

Originally published on Computerworld |  Click here to read the original story.
Join us:






Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question