By Linda McGlasson
January 31, 2008
In the wake of news about insider fraud at French bank Societe Generale,
two different banks in two different countries have acknowledged
information security breaches that underscore the need for increased
vigilance - by financial institutions and their customers.
In Forth Worth, Texas, OmniAmerican Bank announced it had stopped
hackers who had broken into the bank's online banking system and were
taking monies from customer accounts through ATM withdrawals.
OmniAmerican has more than $1 billion in assets and 17 branches and is
one of the largest independent banks in the Forth Worth area.
In Uppland County, Sweden, authorities announced the arrests of seven
cybercriminals who were stopped seconds before their crew made off with
millions from an unidentified Swedish bank. The criminals had
surreptitiously installed equipment on a computer at the bank that would
allow the hackers to divert online funds to other accounts.
Hackers Halted in Texas
In OmniAmerican Bank's case, the bank's information security team
detected fraudulent activity on some customer accounts, and the bank
placed temporary limits on some ATM and debit card transactions. The
team discovered the activity during the evening of January 18.
At the same time, the bank suspended access to some electronic banking
services, but access to those services was restored on January 21.
Because of the breach, the bank says it is issuing new check cards, ATM
cards and personal identification numbers to customers to guard against
"future fraudulent activity." Letters alerting bank customers of the
fraudulent activity were delivered by mail.
In a statement issued by the bank, Tim Carter, president and CEO, says:
"OmniAmerican has always placed a top priority on protecting our
customers. Our security team felt these measures were the most prudent
to protect our customers and the bank. Only electronic services were
affected, and all other banking services remain unaffected."
"Unfortunately, the threat of cybercrime is a risk faced by all
financial institutions," Carter adds. "We must remain vigilant in
attempting to thwart such activity through the updating and continual
monitoring of technologically advanced security systems, as well as
through professional diligence."
Carter told a local Fort Worth newspaper that approximately 40,000 cards
were reissued, and the system break-in was the work of a sophisticated
international gang of cybercriminals who withdrew funds from ATMs
located outside of Texas. Losses were minimal, Carter adds, noting that
no customers would suffer any loss, and that fewer than 100 accounts
were compromised -- most of them dormant and all restricted to
withdrawals of $1000 per day.
The bank thwarted the hackers by first stopping all ATM withdrawals
outside of Texas, and then suspending ATM and debit card services during
its initial investigation. A note on the online banking website page
told bank customers, "We apologize for the temporary restriction of our
ATM and debit card services. You are a valued customer and we realize
the temporary restrictions placed on our ATM and debit card services
have created some inconveniences for you. Please be assured the
restrictions were put in place to protect all of our customers and we
know now that this action was successful in defeating this targeted
fraudulent activity. The security of your money and the privacy of your
identity are our ultimate concern."
On Jan. 30, the bank's spokesperson, Randi Mitchell, said she had no
further details, and until the ongoing law enforcement investigation was
completed, the bank would not disclose any additional information.
Plug Pulled in Sweden
According to a statement made by Thomas Balter Nordenman, the prosecutor
in charge of the Swedish case, the would-be hackers placed advanced
technical equipment under an employee's desk that allowed them to take
remote control of the computer. When the employee saw the computer begin
an operation to transfer millions from the bank into another account, he
pulled the cable to the discovered device and stopped the transfer at
the last second.
The prosecutor said the attempted robbery occurred last August at an
unidentified bank north of Stockholm. Details of the event were released
only after the seven suspects, all from the Stockholm region, were
arrested earlier in the week, amidst their preparations for another bank
robbery. Police noted some of the suspects have previous fraud records.
This investigation continues.
Subscribe to InfoSec News