Credit Cards Data Stolen In 1st Source Bank Intrusion
Hackers broke into South Bend, Ind.-based 1st Source Bank system from the outside and compromised a server containing debit card data. The bank is currently reissuing its entire portfolio of debit cards, probably tens of thousands of them.
The $4.5-billion-asset bank with 79 branches in northern Indiana and southern Michigan began alerting customers last month after an outside monitoring service it uses noticed on May 12 an unusual flow of data from a bank server containing debit card data. The server was immediately shut down. The bank notified law-enforcement authorities and hired outside forensic firms to analyze the breach.
The server that holds debit card information transferred information out. It is unclear what percent of card holders is affected. The hackers got Track 2 data contained on magnetic stripes, including account numbers and PINs in at least some cases. The information how the hackers tapped the server was not released to public.
1st Source Bank is sending out letters reminding their customers to check their recent bank account activity. Out of an overabundance of care, the bank is reissuing new MasterCard-branded debit cards to all customers. 1st Source also is offering customers free credit-report monitoring for a year and called in a forensic computer specialist team from the Washington, D.C., area to shut down the breach immediately and to help determine who was behind it.
Bank officials have yet to tally the cost of mailings to customers, creating new debit cards, consultants’ fees, paying for identity theft protection and employee overtime related to the security breach.
So far no fraud has been discovered as a result of the intrusion.
More on CyberInsecure:
June 14th, 2008 at 8:39 am
Why does this keep happening? There is a defined eCulture called The Business-Technology Weave that helps to influence employee behaviour as regards security, use and integrity of data. This is particularly relevant: ***spam – link removed*** . Some good stuff here too: ***spam – link removed*** . We use this book at work – I wouldn’t recommend it if it wasn’t making a tremendous difference. Frankly, I would like my bank and any institution that handles MY personal data to read it – before it’s too late! Given all of these data thefts, it’s only a matter of time before any specific person experiences a real headache – something worse than losing your wallet, for example. Can’t we get proactive about this??