Texas firm countersues bank in connection with $800,000 cyber theft
Manufacturer seeks about $200,000 and court costs from PlainsCapital bank
Computerworld - A Texas manufacturing firm last week filed a counter lawsuit against PlainsCapital bank of Lubbock in connection with the cyber theft of some $800,000 from its online banking account.
In a complaint filed in U.S. District Court for the Eastern District of Texas, Hillary Machinery Inc. of Plano, charged that PlainsCapital failed to adequately protect the stolen money from online thieves. Just as it would not be "commercially reasonable" for the bank to keep cash unguarded from thieves, it was unreasonable that the bank did not have adequate online protections, Hillary's complaint said.
Hillary Machinery is seeking to recover its losses from the theft along with court costs.
"When we put money into a bank there is a high expectation that the bank is going to protect that money," said Troy Owen, Hillary's vice president of marketing.
Hillary filed the lawsuit just a couple of months after PlainsCapital sued it, asking the same court to certify that its security procedures were "commercially reasonable." In its complaint, the bank noted that it had made every effort to recover the stolen money.
The bank's lawsuit was filed after Hillary demanded that it repay about $200,000, the amount of money not recovered since the theft.
The bank's somewhat unusual lawsuit did not seek anything from Hillary. In its complaint, the bank noted that it had made every effort to recover the stolen money and claimed that the unauthorized wire transfer orders had been placed by someone using valid Internet banking credentials belonging to Hillary Machinery.
The bank argued that it had accepted the wire transfer requests in good faith and was not at fault.
The dispute stems from a series of unauthorized money transfers made from Hillary's online banking account in 2009. The thieves, apparently using valid Hillary online banking credentials, accessed the company's account and wire-transferred a total of $801,495 to various overseas accounts. PlainsCapital recovered about $600,000 of the stolen money last year.
In last week's response to the bank's lawsuit, Hillary insisted that when it entrusted its "vital operating capital" to the bank, it assumed that PlainsCapital would adequately protect the money. The lawsuit comtended that the authentication measures used by PlainscCapital for wire transfer transactions could not protect the company from the kind of theft that hit Hillary.
"Hillary Machinery was not required to secure PlainsCapital's Internet banking system to ensure that its funds were not stolen and was not required to ensure that true multifactor identification was employed by PlainsCapital to counteract the known threat posed by malware, phishing and pharming," the complaint noted. Hillary insisted that if PlainsCapital had used "commercially reasonable" security measures, the unauthorized transfers would have been found to be outside the norm for Hillary.
- University of North Florida breach exposes data on 107,000 individuals
- Zeus Trojan bust reveals sophisticated 'money mules' operation in U.S.
- GAO slams White House for failing to lead on cybersecurity
- Man charged with attack on Web site of Fox News' Bill O'Reilly
- Heartland breach expenses pegged at $140M -- so far
- IT contractor gets five years for $2M credit union theft
- Democracy would suffer if Google left China, says MIT panel
- Gonzalez accomplice gets five years for hacking TJX
- Threat of cyberattacks from overseas high, federal IT execs say
- Botnets 'the Swiss Army knife of attack tools'
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Cybersecurity for Dummies eBook This book provides an in-depth examination of real-world attacks and APTs, the shortcomings of legacy security solutions, the capabilities of next-generation firewalls, and...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different.... All Cybercrime and Hacking White Papers | Webcasts