January 28, 2010 at 18:14Bank sues victim of cyber fraud
An interesting precedent may appear after the trial in Texas. Local bank PlainsCapital sued on its client Hillary Machinery, which has become a victim of kibermoshennichestva.
In November, hackers from the Romanian and Italian IP addresses emptied the bank account of Hillary Machinery by $ 801,495. About $ 600 thousand of this amount was later compensated by the bank. The affected company demanded that the remaining amount be reimbursed. In the letter (scan under the habrakat), the company argues its requirements with the fact that theft was made possible due to the insufficiently reliable PlainsCapital security system.
In response, the bank filed a lawsuit and demanded an examination of its security systems. According to the plaintiff, their safety procedures are “commercially reasonable”.
The theft of money was made using the valid bank details of the client. According to the bank, there was no reason to consider this a fraud.
The client believes otherwise. First of all, never before have money from this account been transferred abroad. Secondly, a large amount was withdrawn in several dozen transactions within two to three days, which should also trigger triggers in the security system, but this did not happen. Each transfer went to a new account, while Hillary Machinery has a limited set of counterparties with whom transactions are constantly conducted.
As part of the lawsuit, the bank does not require anything from Hillary Machinery, it simply asks that its security system, as mentioned above, be “commercially reasonable”. This is the first such lawsuit in the history of American justice, although several similar lawsuits filed by bank customers are pending before the US courts, demanding to acknowledge the weaknesses of their banks' security systems and return stolen money to them.
via Computerworld
In November, hackers from the Romanian and Italian IP addresses emptied the bank account of Hillary Machinery by $ 801,495. About $ 600 thousand of this amount was later compensated by the bank. The affected company demanded that the remaining amount be reimbursed. In the letter (scan under the habrakat), the company argues its requirements with the fact that theft was made possible due to the insufficiently reliable PlainsCapital security system.
In response, the bank filed a lawsuit and demanded an examination of its security systems. According to the plaintiff, their safety procedures are “commercially reasonable”.
The theft of money was made using the valid bank details of the client. According to the bank, there was no reason to consider this a fraud.
The client believes otherwise. First of all, never before have money from this account been transferred abroad. Secondly, a large amount was withdrawn in several dozen transactions within two to three days, which should also trigger triggers in the security system, but this did not happen. Each transfer went to a new account, while Hillary Machinery has a limited set of counterparties with whom transactions are constantly conducted.
As part of the lawsuit, the bank does not require anything from Hillary Machinery, it simply asks that its security system, as mentioned above, be “commercially reasonable”. This is the first such lawsuit in the history of American justice, although several similar lawsuits filed by bank customers are pending before the US courts, demanding to acknowledge the weaknesses of their banks' security systems and return stolen money to them.
via Computerworld