Construction company, bank, settle dispute over $345,000 cyber heist
Both had sought to hold the other responsible for theft
Computerworld - A Maine construction company that sued its bank after losing $345,000 in an online banking heist has settled its dispute after a protracted legal battle that raised questions about the bank's responsibility in protecting customer accounts against cyber fraud.
The settlement between Patco Construction and People's United Bank (formerly Ocean Bank) comes about four months after the U.S. Court of Appeals for the First Circuit faulted the bank's security measures at the time of the theft and advised the two sides to work out a compromise.
Bankinfosecurity.com, which was the first to report the settlement, quoted Patco's co-owner Mark Patterson as saying that the bank has agreed to reimburse the company's losses from the theft. No other details of the settlement were released.
Court records show that the two sides agreed to dismiss the case on Nov. 19. Neither Patterson nor People's United responded to requests for comment on the settlement.
Patco, a family-owned construction company in Sanford, Maine, sued Ocean Bank in 2009 after online crooks believed to be operating in Europe siphoned close to $590,000 in a series of unauthorized Automated Clearing House (ACH) transfers.
About $243,000 was later recovered after the fraud was detected. Patco sued Ocean Bank for the remaining money claiming that the theft was the result of the bank's failure to implement reasonable security measures as defined under the Uniform Commercial Code (UCC).
The lawsuit charged Ocean Bank with negligence and breach of contract for failing to detect and stop the unauthorized ACH transfers even though they were clearly fraudulent. Patco claimed in its lawsuit that the bank should have noticed that the fraudulent transfers were for much higher amounts than the company's usual transactions and were being sent to an unfamiliar overseas bank account.
Patco also faulted Ocean Bank for not implementing stronger authentication mechanisms, such as token-based authentication and out-of-band verification, which many banks were using at the time.
Ocean Bank, for its part, blamed Patco for the loss. The bank said the thieves were able to steal the money only because Patco had allowed them to gain access to the username and password the company used to log in to its commercial banking account.
Ocean Bank insisted that it had processed the ACH requests in good faith after it had verified that the proper IDs, passwords and answers to challenge response questions were being used to conduct the transactions.
In a ruling in May 2011, a Maine Magistrate sided with Ocean Bank and recommended that the U.S. District Court in Maine grant the bank's motions for a summary dismissal of Patco's complaints.
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
Crafty hackers hack craft stores -- again.
Michaels Stores (NYSE:MIK) has finally confirmed the details of the point-of-sale hack revealed in January. It's unclear what's taken them so long -- the company claims the hack was "highly sophisticated," but everyone uses a blah-blah phrase like that.
Your humble blogwatcher notes that the problem persisted for more than a month after the news first broke. smh.
In IT Blogwatch, bloggers are aghast that, for the second time, the company's POS was hacked -- lasting almost nine months.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- The Big Data Opportunity for HR and Finance
- If CEOs, CFOs, CIOs, and CHROs want to drive their businesses forward, they will need to quickly recognize the enormous value of big...
- Manufacturing Outlook: Improving time to market, operational effectiveness and innovation in a highly competitive environment
- An enterprise project portfolio management solution can help manufacturers position themselves in the new competitive landscape.
- Time-to-Market: The Need for Speed in the Automotive Industry
- Bringing new vehicles to market quickly has never been more challenging. To bring new models to market on-time and on budget, automakers need...
- Application Rationalization Scorecard: Analysis to Action
- This paper details a proven method, used most recently to evaluate a financial services application portfolio. At the method's core is the scorecard....
- Changing the Way Government Works: Four Technology Trends that Drive Down Costs and Increase Productivity
- This paper discusses four technology-based approaches to improving processes and increasing
productivity while driving down department and agency costs.
All Financial IT White Papers
- Top 4 Digital Signage Fails Join RMG Networks for a look at four of the most common reasons digital signage fails in corporate businesses. Learn about strategies to...
- Building Tomorrow's Infrastructure Listen to this podcast to discover how Crider Foods worked with PC Connection to update their IT infrastructure, while maintaining compliance and control.
Enhance Your Virtualization Infrastructure With IBM and Vmware
Date: Wednesday, May 14, 2014, 1:00 PM EDT
Virtualization technology is now expanding beyond the server compute elements to encompass networking and storage...
Transforming Finance, Procurement and Supply Chain Effectiveness with Cross-Functional Analytics
Date: May 6th, 2014
Time: 1 PM EDT
Attend this Webcast to find out how Oracle's packaged analytic applications enable line-of-business managers to examine all...
- Cloud Knowledge Vault Learn how your organization can benefit from the scalability, flexibility, and performance that the cloud offers through the short videos and other resources...
- All Financial IT Webcasts