$500K Citigroup fine is for poor security on obsolete crime: insider theft of cash, not data

Theft, hacks make this the summer of Citigroup's Overly-Simple-Embezzlement Recession Recovery Plan

By  

A data breach at Bank of America in May involved not theft of cash, but an internal employee who leaked customer names, addresses, Social Security numbers, phone, bank account, driver's license, PIN and account-balance numbers as well as all the other information used to verify a customer's identity – birthdays, family names, email addresses and other information difficult to obtain any other way.

The scam cost more than $10 million in fraudulent spending, and caused a crisis of confidence at the bank.

It also caused a change in the way BofA looks at – and checks for – internal security risks. Even at a bank, not all the theft has to be an employee swiping cash.

Though you wouldn't know it from Citi's example, bank databases are normally fairly difficult to crack. Insiders willing to walk the data out the door avoid all the security around the digital perimeter and nets more complete, more valuable identity-theft data as well.

Makes simple embezzlement of a few million look hopelessly old fashioned and even makes hacking your way in from outside look like more trouble than it's worth, for payoff that's not nearly as high.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question