Slashdot Mirror

← Back to Stories (view on slashdot.org)

21 Million German Bank Accounts For Sale

Posted by kdawson on from the black-marks dept.

anerva writes "Black market criminals are offering to sell details on 21 million German bank accounts for €12M ($15.3M), according to an investigative report (German; Google translation) published Saturday. In November reporters for WirtschaftsWoche (Economic Week) had a face-to-face meeting with criminals in a Hamburg hotel, according to the magazine. Posing as buyers working for a gambling business, the journalists were able to strike a price of €0.55 per record, or €12M for all the data. They were given a CD containing the 1.2 million accounts when they asked for assurances that the information they would be buying was legitimate." 21 million is three in four existing German bank accounts.

17 of 302 comments (clear)

  1. On your marks (no pun intended) by pin0chet · · Score: 5, Insightful

    In theory, if the banking system were known to be compromised in such a huge way, and there were no way of knowing if your own bank account was compromised or not, shouldn't there be a massive bank run? Because everyone wants to withdraw their money right away to minimize the chance that this ridiculous security leak negatively affects them, right? Such a massive erosion of confidence can completely destroy a banking system.

  2. Re:Hmmm... by Anonymous Coward · · Score: 3, Insightful

    That's not their job or function in society.

  3. 1.2 million out of 21 million by txoof · · Score: 2, Insightful

    It is possible that not all of the 21 million work, or are valid. If I were in the criminal's position, I would offer a CD where about 70% were valid. And then when the payment was made, provide a data set that had only a few working accounts and a bunch of garbage.

    In any case, it's pretty scary to think that there might that much personal data out there.

    --
    This one's tricky. You have to use imaginary numbers, like eleventeen... --Hobbes
  4. May I introduce you to rule 36? by zappepcs · · Score: 2, Insightful

    Rule 36 states:

    There will always be even more fucked up shit than what you just saw

    Now, I've been saying this all along, but nay sayers think the sky will never fall, and that the government is not out to get them. I've got bad news for you: It will, and they are, and if those two problems are not enough there will always be people willing to steal your stuff. period. no exceptions.

    The fact that they have not stolen yours yet is merely an oversight on "their" part. It will happen at some point. Security is myth. Do not trust those that want to protect you. The government will never shield you, only pretend to do so. This is a harbinger of dangers to come, and reason to demand with some vigor that your financial institution be held accountable by law for the protection of your information. Yes, I mean that. If they want to do business with my money, I want guarantees. You should too.

    --
    Support NYCountryLawyer RIAA vs People
    1. Re:May I introduce you to rule 36? by Jeff+DeMaagd · · Score: 4, Insightful

      OK, so you're saying that government isn't going to protect us, so the answer is to demand that financial institutions be held accountable to laws passed by a government that you said won't protect us?

    2. Re:May I introduce you to rule 36? by Cl1mh4224rd · · Score: 4, Insightful

      The government will never shield you, only pretend to do so. This is a harbinger of dangers to come, and reason to demand with some vigor that your financial institution be held accountable by law for the protection of your information.

      Bolding mine, to highlight a serious disconnect in the parent's preaching.

      You're suggesting that people demand that banks be held accountable to laws enforced by the very government you said won't protect them?

      --
      People will pass up steak once a week, for crap every day.
  5. Exactly by tomhudson · · Score: 5, Insightful

    But an account number is not the equivalent of a direct debit card. It's not that easy to withdraw money from an account when all you have is the account number.

    Every time you write a check, you're giving the recipient your bank address, bank account number ... AND a specimen of your signature. OMG! Quick - millions of people compromised their bank accounts today!

    1. Re:Exactly by trjonescp · · Score: 2, Insightful

      In 2008, checks are the sort of thing that would be used regularly only in an ass-backward country like the United States.

      --
      Only speak when it improves the silence.
    2. Re:Exactly by Anonymous Coward · · Score: 1, Insightful

      Actually, this is a serious problem. You probably should avoid giving checks to entities you don't trust!

    3. Re:Exactly by Jesus_666 · · Score: 3, Insightful

      I know nobody who uses checks anymore. That's what wire transfers are for. In theory you can order checks from your bank but, well... I haven't seen a real checkbook in at least a decade.

      --
      USE HOT GRITS WITH STATUE OF NATALIE PORTMAN (NAKED AND PETRIFIED)
    4. Re:Exactly by enrevanche · · Score: 4, Insightful

      A wire transfer typically costs $25 outgoing and $12 incoming and you need to know the receiver's bank account # & routing number. I seriously doubt that it is used that much by most people.

      You probably mean direct deposit/automated withdrawal. Sometimes, these can be a real pain to cancel once authorized. For a "reputable" vendor, I suppose it is OK, but using a VISA/MC debit card is a lot easier to fix.

    5. Re:Exactly by dropadrop · · Score: 5, Insightful

      Wire transfer does not cost anything in Europe. I have a close friend from the US living here, and can't stop wondering at how the way your banks work are so 1980...

    6. Re:Exactly by Bugsville · · Score: 3, Insightful

      just the old lady in front of me at the grocery store.

  6. Re:Online purchases usually require TAN codes by bickerdyke · · Score: 2, Insightful

    Thats only used for money transfers initiated by the costumer. And as there is proof that it was indeed the account owner transfering the funds (he used his secret TAN&PIN) those transfers are really hard to reverse.

    It's the other way round with those Lastschriften (direct debit) easy to initiate by anyone, easy to reverse by the account holder.

    --
    bickerdyke
  7. Re:So what by Random+Walk · · Score: 2, Insightful

    I don't think it's that Germans don't "get" them.. it's more that they were invented to circumvent the 17th century backwardness of the US banking system. There wasn't ever any need for them in Germany, and the high charges (for the merchants) are not suited to make them popular if better solutions exist.

    Note that you can overdraw your account anyway, so there is no need for the "credit" functionality either.. and since the account is balanced by the next payment from your employer, you are on average less due than with a separate "credit" account of your card.

  8. Re:So what by yoma666 · · Score: 2, Insightful

    That's true in 2008 you can actually buy banks themselves in bulk. Gotta love the credit crunch.

  9. Re:Groan - you didn't recognise the joke by Thaelon · · Score: 2, Insightful

    Biometrics are foolish.

    Today, if someone gets your credit card information, they can make charges in your name. To resolve this, you inform your credit card company that someone is fraudulently using you card. Typically they'll just nix the charges and issue you a new card with a new number.

    Throw in biometrics:
    Someone gets your biometric information, they can make charges in your name. To resolve this, you inform your biometric-enhanced credit card company company that someone is fraudulently using you biometric information. They just nix the charges and issue you new...fingerprints?

    So biometrics do go a long way toward fraud prevention. However, if it actually does occur, you're utterly and permanently fucked.

    --

    Question everything