Bank of New York Mellon Security Breach Copycat

Security Incidents : Bank of New York Mellon Security Breach Copycat

Posted by Max on 2008/6/6 6:24:35 (1638 reads)

Following a February 27 security breach in Connecticut by the Bank of New York Mellon in which it lost up to 4.5 million customers' unencrypted financial data from banks including Wachovia, Chief Risk Officer Todd Gibbons said in a statement, "Protecting the confidentiality of our clients' information has long been a top priority at The Bank of New York Mellon."

But on April 29, a second breach occurred when BNY Mellon lost data containing scanned checks and payment documents in Pennsylvania, affecting 47 businesses and an undetermined amount of individual clients, as reported in the Pittsburgh Tribune-Review on May 31.

The Bank appears satisfied with its risk management team's response: Gibbons was promoted to Chief Financial Officer of BNY Mellon on May 27 -- the same week that Connecticut Attorney General Richard Blumenthal criticized the Bank for being "unable or unwilling to provide a full accounting of every individual potentially compromised."

In a statement, the Bank claims that after the breach on February 27 that exposed customers' Social Security numbers, names and addresses, transaction activity, and account numbers, it "immediately began the process, in coordination with its institutional clients, of notifying these individuals and offering them comprehensive fraud protection services." But according to Connecticut Attorney General Blumenthal, the State wasn't contacted until mid-May -- not by BNY Mellon, but by Peoples' Bank, whose customers' information was being acquired by the Bank for marketing purposes.

Some customers have reported problems obtaining information from the Bank as to whether they were affected. Bruce Sylvester told the Hartford Courant, "My wife and I have the same account. We called up Mellon the same day and got two different answers as to whether our information was on the tape."

The Bank initially offered customers one year of credit monitoring and $10,000 insurance -- moving to the current offering of two years' free monitoring and $25,000 insurance only after Attorney General Blumenthal criticized the initial offer as "grossly inadequate." And even with that protection, consumer information is not posted on the front page of the BNY Mellon website or found via its search engine.

UNITE HERE believes the Bank's customers deserve a secure system that does not allow confidential information to be lost and, above all, a transparent way to get assistance. As such, it has created the independent website http://lostbankofnewyork.net to offer consumers a simple way to find the information they need to protect themselves and to monitor the BNY Mellon's response.

Previous article - Next article

Other articles
2009/11/3 14:55:39 - BitDefender Top Ten Malware Threats for October 09
2009/11/3 14:29:38 - Nov. 09 Microsoft Security Intelligence Report
2009/10/7 15:19:17 - StopSign AntiVirus and Anti-Malware is Windows 7 Compatible
2009/10/7 15:11:26 - New Outlook Backup and Migration Software By Disk Doctors
2009/9/30 4:20:57 - Microsoft Security Essentials, FREE Security Tool Just Released
2009/9/28 14:31:52 - New Rogue Antispyware Cloaked To Infects Computers
2009/9/9 4:31:49 - Trend Micro Proves Leadership in URL Filtering and Web Security
2009/9/9 4:16:20 - New Free Tool to Clean Conficker Once and For All
2009/9/1 8:37:11 - Kaspersky Internet Security 2010 and Kaspersky Anti-Virus 2010 Out Now
2009/9/1 7:54:50 - NEW P2P Advertising Network Protects Users Against Lawsuits And Identity Theft

The comments are owned by the poster. We aren't responsible for their content.