U.S. Company Suffers a $588,000 Cyberheist – Judge Says “Too Bad”



[caption id="attachment_994" align="alignleft" width="262" caption="Cyber Judge"]Cyber Judge[/caption]



Cyber security experts are expressing serious concern over a decision on a cyberheist lawsuit case by a Judge from Maine last week.  If his ruling is adopted by other U.S. district courts it will make things more difficult for other cybercrime victim businesses to dispute the effectiveness of security measures employed by banks and increase the burden on companies already struggling within a failing economy.



On Friday, Maine based Patco Construction Co. filed suit in York County Superior Court against Ocean Bank (a division of Connecticut based People's United Bank). The lawsuit alleges that Ocean Bank did not do enough to prevent cyber criminals from transferring approximately $588,000 to dozens of co-conspirators throughout the United States over an eight-day period in May.



Businesses do not have the same legal protections against online banking fraud that consumers enjoy. Consumers generally have 60 days from receiving a bank statement to dispute any fraudulent charges, and in nearly all cases those charges will be reversed. But organizations that experience fraud with their online banking accounts usually lose any money from unauthorized transactions that aren't immediately reported to the bank, and even then there is no guarantee that all or any of the fraudulent transfers will be reversed or halted.



According to the Patco’s filed complaint, the fraudulent transfers began on Thursday, May 7, when cyber thieves who had hijacked the company's online banking credentials initiated a series of transfers totaling $56,594 to several individuals that had no prior businesses with Patco. The company alleges that this pattern of fraud continued each day of the following business week, during which time the thieves made additional batches of fraudulent transfers totaling $532,257.



For more details on this cyberheist follow this link: Maine Firm Sues Bank After $588,000 Cyber Heist



The question becomes “how did the bad guys gain access to this company’s online accounts”?  And one can quickly conclude that it was through some unsuspecting employee getting hacked and opening up the network.



One could easily conclude that although cybercrimes continue to happen in alarming numbers, Internet Security Awareness is not yet increasing proportionately—the lacking ingredient to curtail this growing trend being Internet Security Awareness Training for every employee with access to a company network and the Internet.



This case illustrates that no matters how well an organization tries to protects itself from external cybercriminals, that because of the human factor (like internal employees) network access can sometimes be gained by the bad guys.  You should definitely check the effectiveness of your security. Take a free phishing security test of your company.



Stu Sjouwerman



KnowBe4



Jamie Sene



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews