Support NeoGAF

[goodcow]

http://money.cnn.com/2005/05/23/news/fortune500/bank_info/index.htm

Bank security breach may be biggest yet
Account info at Bank of America, Wachovia sold by employees; more arrests expected, N.J. police say.
May 23, 2005: 3:40 PM EDT

NEW YORK (CNN/Money) - Bank of America Corp. and Wachovia Corp. are among the big banks notifying more than 670,000 customers that account information was stolen in what may the biggest security breach to hit the banking industry.

Account information on the customers was illegally sold by bank employees to a man identified as Orazio Lembo, whom police said was doing business by illegally posing as a collection agency.

When police in Hackensack, N.J., first announced arrests in the case on April 28, they estimated that more than 500,000 people were affected. That number was raised to 676,000 Friday. Because some people have more than one account, Hackensack Police Chief Charles "Ken" Zisa says the number of accounts breached may top 1 million.

"As this gets going, these numbers are going to go up and up," Hackensack Detective Capt. Frank Lomia told CNN earlier Monday, adding that more arrests may be coming in the case.

The data-theft may have been the biggest ever in banking, the Hackensack, N.J., police department said in a statement, citing an unnamed Treasury Department official.

Of the four banks involved in the case, Bank of America (up $0.12 to $46.69, Research), the nation's No. 2 bank, has notified 60,000 customers of the problem. Wachovia (Research) has notified 48,000 customers.

Customer account numbers and balances were allegedly sold to Lembo, who then sold the information to collection agencies, the Hackensack police department said in a statement.

Wachovia customers whose account information was stolen have received complimentary one-year credit monitoring service and each account will also be monitored by the bank, a Wachovia spokesman told CNN, adding that two former Wachovia employees have been charged in the case.

Bank of America spokeswoman Alexandra Liftman said the bank was notifying customers affected, but added there was no evidence of account fraud or identity theft. Customers affected would be offered free credit monitoring, she said, adding Bank of America is cooperating with law enforcement officials and conducting its own internal investigation.

One associate who was named by police is "no longer with the bank," Liftman said.
Charges filed

Last month, New Jersey police arrested and charged nine people, including seven bank employees and Lembo, who operated DRL Associates, the bogus collection agency, Hackensack police said. A tenth person was subsequently arrested. DRL did not qualify as a collection or detective agency, the police said.

"Based on forensic examination of Lembo's computers, it was determined that he had employed upper-level bank employees to access and identify individual accounts in their respective banks," the police statement said. "That information was then sold to his clients, which included more than 40 law firms and collection agencies."

Lomia told CNN that Lembo paid $10 a name, convincing the bank employees that they wouldn't get caught. He said the department has not yet classified this as an identity theft case but is watching it closely.

In addition to confidential bank information, DRL also obtained employment information from the manager of the New Jersey Department of Labor in Jersey City, Hackensack police said.

Police estimate that Lembo made several million dollars over the past four years; and that his informants each made tens of thousands of dollars in the scheme.

The department said it is continuing its investigation, and the Department of the Treasury and the Internal Revenue Service also are involved.

The FBI in Newark told CNN it is not handling the case, but that the Secret Service may become involved.

Lomia said the law firms that allegedly sought Lembo's services are part of "phase two" of the investigation.

Other banks affected by the theft ring are Commerce Bancorp (Research), based in Cherry Hill, N.J., and PNC Financial Services Group Inc. (Research) PNC said it is cooperating with Hackensack police.

For more on ID security and how to protect yourself, click here.

 

[galeninjapan]

What does this have to do with Amazon.com?

 

[xsarien]

Scary, thanks to Bank of America going on a buying spree last year, my credit card is now underwritten by them. I'm not *terribly* concerned, though. American Express sends me an e-mail if someone so much as breathes on my credit report.

 

[goodcow]

What does this have to do with Amazon.com?

Oh gosh that's funny. That's really funny. Do you write your own material? Do you? Because that is so fresh. "What does this have to do with Amazon.com?" I've never heard anyone make that joke before. Mmm. You're the first. I've never heard anyone reference, um reference that here before. Because we all know I love Amazon.com, right? And yet you've taken that, and used it out of context, to insult me in this everyday situation. Gosh, what a clever, smart person you must be, to come up with a joke like that by your self. Mmm. God you're so funny!

 

[Rorschach]

Oh gosh that's funny. That's really funny. Do you write your own material? Do you? Because that is so fresh. "What does this have to do with Amazon.com?" I've never heard anyone make that joke before. Mmm. You're the first. I've never heard anyone reference, um reference that here before. Because we all know I love Amazon.com, right? And yet you've taken that, and used it out of context, to insult me in this everyday situation. Gosh, what a clever, smart person you must be, to come up with a joke like that by your self. Mmm. God you're so funny!

Excellent.

 

[xsarien]

Oh gosh that's funny. That's really funny. Do you write your own material? Do you? Because that is so fresh. "What does this have to do with Amazon.com?" I've never heard anyone make that joke before. Mmm. You're the first. I've never heard anyone reference, um reference that here before. Because we all know I love Amazon.com, right? And yet you've taken that, and used it out of context, to insult me in this everyday situation. Gosh, what a clever, smart person you must be, to come up with a joke like that by your self. Mmm. God you're so funny!

http://www.ga-forum.com/showthread.php?t=48910

 

[Loki]

What does this have to do with Amazon.com?

Better yet, what does it have to do with the MTA?


<runs and hides>

 

[Xenon]

American Express sends me an e-mail if someone so much as breathes on my credit report.

what do you have to do to get this service?

 

[xsarien]

what do you have to do to get this service?

I'm pretty sure step 1 is "Have a card in your name issued from American Express."

But here's the link to their CreditSecure service, which is $100/year:

https://www124.americanexpress.com/cards/loyalty.do?page=FraudCenter.creditsecure

There's also Credit Aware, which is slightly cheaper. There's no web page for it (natch), but you can call Amex and ask them about it.

 

[goodcow]

For $100 a year they better notify you of even the slightest thing.

 

[xsarien]

For $100 a year they better notify you of even the slightest thing.

1. What is Notify Express, and why do I need it?
Notify Express monitors your credit file from Equifax every business day and alerts you by e-mail or by U.S. mail when someone looks at your credit profile, when an account is opened in your name, or when a new address is reported to the credit reporting agency. If alerted by e-mail, you will be able to view the list of changes on your credit file by logging on to the CreditSecure site.
Notify Express can help you detect fraudulent activity in the early stages so you can act quickly should you suspect identity or credit fraud.

I moved about a month ago. I got an e-mail notification that Pacific Gas + Electric took a look at my credit report, and I got one telling me that a new address had been put into my file. I can only assume that the rest of the system works just as well and that I'll be notified if any credit cards are opened under my name. (I'll find out in a few months, I'm about ready to ditch Bank of America's credit card service entirely, a decision I made *before* the hack.)


And make no mistake, I do realize that $100 in general isn't really small change. But having an omniscient computer basically just staring at my credit report and firing off an e-mail to me if something changes is kinda cool, and I think, worth it. Especially with all of the nimrods out there cloning cards before you get them back at the restaurant, installing spyware, etc. It also means I don't have to sweat over this shit unless something unexpected happens, and I'm all about the free time.

I do think the quarterly updates are overkill, but it's not like you can pick and choose which features of the service you want. :shrug: