NY Bank Suffers Online Breach

8300+ Customers Compromised by Hack A Long Island, NY bank announced this week that more than 8,300 of its online banking customers had their log-in credentials stolen in a data breach that occurred last November.

The Suffolk County National Bank in Riverhead, NY says the breach of a server that hosts its online banking system happened over a six-day period starting on Nov. 18. The breach was discovered on Dec. 24, during an internal security review, the bank says in its announcement. Information on 8,378 online accounts was taken, but so far no money has been removed from those accounts.

"Although the intrusion was limited in duration and scope, SCNB immediately isolated and rebuilt the compromised server and took other measures to ensure the security of data on the server," the announcement says.

The bank says it has notified the consumer reporting agencies (Experian, Trans Union and Equifax) of the incident, along with the Office of the Comptroller of the Currency, its primary regulator; the New York State Consumer Protection Board; the New York State Office of Cyber Security & Critical Infrastructure Coordination; and law enforcement agencies. It also sent letters to all affected customers on Monday.

The bank has also arranged for credit monitoring services for two years for impacted consumers. The business customers that were affected will receive Positive Pay service from the bank, or Deluxe Security Checks, with the bank paying for those services.

Additionally, the bank says it has taken a number of additional steps to minimize any possible effect of this incident on its customers. It says it immediately launched an aggressive investigation of the incident with assistance from outside experts in forensics.

"The security of customers' information is of utmost importance to SCNB," says J. Gordon Huszagh, President and Chief Executive Officer. "While we know that our diligence in this regard allowed us to uncover this incident, and to take action rapidly to protect our customers, we also recognize that the provision of financial services over the Internet requires our dedication to continuous monitoring and security."

> Download the report


About the Author

Linda McGlasson

Linda McGlasson

Managing Editor

Linda McGlasson is a seasoned writer and editor with 20 years of experience in writing for corporations, business publications and newspapers. She has worked in the Financial Services industry for more than 12 years. Most recently Linda headed information security awareness and training and the Computer Incident Response Team for Securities Industry Automation Corporation (SIAC), a subsidiary of the NYSE Group (NYX). As part of her role she developed infosec policy, developed new awareness testing and led the company's incident response team. In the last two years she's been involved with the Financial Services Information Sharing Analysis Center (FS-ISAC), editing its quarterly member newsletter and identifying speakers for member meetings.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.