Wells Fargo Customer Info Exposed
Bank Account Details Revealed in Statement Mailing MistakeJosh Dunn, corporate communications manager for Wells Fargo in Charlotte, N.C., says customers with accounts opened in South Carolina and Florida "may have received, in error, pages from other customer accounts," though the printing malfunction only affected September statements.
The malfunctioning printer is no longer in service and is being analyzed, Wells says. The printing error is not believed to be connected to Wells Fargo & Company's [$1.4 trillion in assets] merger with Wachovia Corp., a conversion that was completed in January 2009.
"Though we believe the risk of compromising a customer's account is low, we are providing all customers whose statements were printed by the malfunctioning printer with one year's worth of free ID theft protection," Dunn says. "We don't know how many accounts were affected, but even one is one too many."
Corrected statements are being mailed to all potentially affected customers.
ID Theft: Concerns Mount
With so much attention now being paid to incidents of identity theft and the exposure of personally identifiable information, the Wells case is likely to raise more questions than answers.ID theft, in recent weeks, has been top of mind. On Oct. 13, Georgia authorities announced the arrests of two men who are suspected of being behind an ID theft scam that lasted 15 years and resulted in fraud totaling $9 million. The Criminal Intelligence Unit of the Cherokee County Sheriff's Office in Georgia says the scheme targeted consumers throughout the U.S. [See $9 Million ID Theft Scheme Alleged.]
And earlier this month, the U.S. District Attorney's Office in Queens, N.Y., announced closure of the biggest ID theft takedown in U.S. history. [See Biggest ID Theft Bust in History.]
That scheme involved five organized crime rings with ties to Europe, Asia, Africa and the Middle East and resulted in financial losses exceeding $13 million over a 16-month period.
Phil Blank, managing director of security, risk and fraud for Javelin Strategy & Research, calls the Wells incident astonishing. "It represents a failure in basic 'block and tackling,'" he says.
The cause of what Wells has defined as a printer malfunction is concerning. A system's upgrade, such as the one Bank of America in recent weeks pointed to as the catalyst for online-banking interruptions its customers faced, could be to blame.
"It could have been some new piece of code that was introduced that obviously did not work as planned," Blank says. "Another part of me can't help but wonder if perhaps it is the result of a piece of malicious software introduced somehow into the Wells network. It could also have been as simple as human error not caught by a process check."
It will likely take weeks before causes for the printing malfunction are discovered and revealed. For now, Wells must focus on the customers it has exposed to potential fraud. "They should immediately reach out to those affected, assuming that they can figure out exactly what happened here and who was affected, and set them up with new accounts," Blank says.