By Dan Goodin in San Francisco
12th January 2010
Hackers have stolen the login credentials for more than 8,300 customers
of small New York bank after breaching its security and accessing a
server that hosted its online banking system.
The intrusion at Suffolk County National Bank happened over a six-day
period that started on November 18, according to a release (PDF) 
issued Monday. It was discovered on December 24 during an internal
security review. In all, credentials 8,378 online accounts were
pilfered, a number that represents less than 10 percent of SCNB's total
"Although the intrusion was limited in duration and scope, SCNB
immediately isolated and rebuilt the compromised server and took other
measures to ensure the security of data on the server," the bank,
located about an hour east of New York City, stated. "To date, SCNB has
found no evidence of any unauthorized access to online banking accounts,
nor received any reports of unusual activity or reports of financial
loss to its customers."
The breach represents a variation on more traditional types of attacks
on online banking. Cyber crooks typically target customers by
surreptitiously planting malware on their computers that log their user
name and password. The FBI estimates that online banking losses to small
and medium-sized businesses alone have reached $100m.
Did a friend send you this? From now on, be the
first to find out! Subscribe to InfoSec News