Tuesday, September 8, 2009

Compliance Failure by bank leads to lawsuit

A big problem for major corporations is compliance, If they would have been compliant to the security standards laid by the FFIE Council, the breach of this couple's bank account would have been avoided and even this lawsuit, infact this might open more lawsuits for them. Noone why so many banks are expected to fall in US this year.

A judge of the District Court for the Northern District of Illinois allowed a couple to pursue their suit for negligence against the Citizens Financial Bank.
They claim an account they had at that bank was breached and they suffered a loss of $26,000 through theft, all because the bank had not implemented a two-factor authentication method as recommended by the Federal Financial Institutions Examination Council.

At that time, the bank were still using usernames and passwords for accessing the accounts, and they have not been able to convince the judge that their safety measures were adequate and that they didn't breach their duty to protect the account in question.

This decision gives weigh to the point that security analysts have been trying to prove for quite some time - companies need to show due diligence when it comes to protecting their customers' personal data, or they could get sued after a breach that compromises said data.
Read more...

-Abhishek

No comments: