Slashdot Mirror
Bank Goofs, and Judge Orders Gmail Account Nuked
An anonymous reader writes "The Rocky Mountain Bank, based in Wyoming, accidentally sent confidential financial information to the wrong Gmail account. When Google refused to identify the innocent account owner's information, citing its privacy policy, the bank filed in Federal court to have the account deactivated and the user's information revealed. District Judge James Ware granted the bank's request, with the result that the user has had his email access cut off without any wrongdoing or knowledge of why." The Reg's earlier story says, "Rocky Mountain Bank had asked to court to keep its suit under seal, hoping to avoid panic among its customers and a 'surge of inquiry.' But obviously, this wasn't successful."
If I get e-mails from banks that I have no relation with, it is usually spam and gets instantly deleted.
Perhaps that's why the recipient of the bank's private data didn't respond to any of their e-mails.
Also, why is a bank sending it's customers' private information over an unsecure connection (e-mail)? Wouldn't the bank be violating security rules even if the e-mail address was correct?
Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
Sewing for damages?
Fear the giant quilt of redress!
Say what you want, I know a few people in the banking profession I'd like to stick a needle into over and over again until I've turned an unwanted hole into a nice compact knot of thread.
...wait. I mean, the account holder at this point has probably seen and done any damage that they are going to do with this information. How precisely is this going to help the bank's cause?
Of course, the account may be inactive and they may well have gotten to it before the person who owned it logged in again, but I do have to wonder why it is the recipient's problem that the bank sent this information. If the bank sent me that sort of information in the mail, does that mean that the county can order my house burned down to make sure I can't read that mail, even though I probably have already read it in full?
These decisions make no sense to me sometimes and it scares me because for some things I use only one email account and if my contacts disappeared, I might not be able to find some of these people again easily. I guess it's time to start backing up all my account data to my home machine by default.
This is yet another strike against "cloud computing" taking over. If they can order your account just plain zapped because a bank fucked up, I don't see how anyone's data is safe. At least if you had it stored at home or at work on your own machine, you'd at least know what the hell happened to it.
I work as a supplier to the banking industry.
I'll tell you why they do this, they are outright fucking dumb. That's basically it. If the IT guy knows about encryption, he has no power to make it happen, but most of the time he's barely able to type let alone do IT stuff.
Banks just don't pay for shit unless you are a VP or own the place, so they get the crappiest IT help.
"Due diligence" means "cover your ass", and has NO OTHER MEANING in the banking community. Everywhere else it means "make a good effort to do the best you can to the spirit of the task".
Granted, this breech is considerably dumber than average, but of the banks I have worked with, every single one of them at one time or another had some sort of institutional problem understanding and implementing some of the most basic data safety measures.
The Feds have been much more pushy about it recently, so it will improve. And a lot of the old guard is finally dying off, and you'll see bank leaders that have had more than "type this letter" (to the secretary) experience with computers.
Actually, your scenario kinda-sorta happened to the Mayor of Berwyn Maryland. A scam where drugs are shipped to a random (innocent) person, to be taken later from the porch by an accomplice. In this case, brain-dead police investigators and a swat team charged into the innocent man's house, shot his dogs, and arrested him, his wife, and his elderly mother. He still awaits even an apology for the horrifying incident. There is very little actual 'justice' in the justice system.
http://www.washingtonpost.com/wp-dyn/content/article/2008/07/30/AR2008073003299.html
Securitizing the mortgages alone is not evil. The problem was that those bundles had been valued based on model built using historical data. When a lot of banks started buying up mortgages to put in these bundles the guys arranging the mortgages significantly changed their behaviour in order to get more. That change in behaviour (salesmen becoming writing much more shakey mortgages) invalidated the model used to value them, so the banks bought stuff for a lot more than it was worth, leading to the credit crisis.
You can call people evil, greedy and stupid all you want, but that's not going to get your money back and it won't prevent it happening again. The key problem here is that the banks broke the First Rule of Engineering, they trusted a computer model and thus failed to scrutinize their purchases properly. The government allowed them to make these purchases without proper due dilligence, the salesmen sold mortgages they knew would likely end up in default and the families took out mortgages without a plan to pay it off.
If you think those lapses are greedy, evil and stupid, then fine. However, the morale of this whole credit crisis and subsequent recession should be: If it's important, hire an engineer to do it.
No, they weren't. Most people who took out low rate ARM mortgages in the early mid 2000s fell into several categories: the ignorant, ill-informed (maliciously or otherwise), or my favorite, seduced by TV networks who made "flipping" a property seem a guaranteed way to make hundreds of thousands of dollars a year. The waves of people I've seen on those shows, even now, who seem to think that anything less than $100,000 profit on a purchase, some renovations, and a six month turn-around is unacceptable is staggering.
Even now, watch the very vast majority of those shows, particularly the ones where people do renovations, and have before/after valuations. "You spent how much on your new kitchen?" "$15,000" "Great, you just added $30,000 value to the home. Now, how about the bathroom?" "We spent $8,000 in here." "Excellent, looking around, I'd say you added $20,000 to the value of the home", and so on, ad nauseaum. Add this up, and you have, in my view, a hidden culprit, along with the RE agents who were pretty much as a whole in lock-step with these mantras pushed by TV onto their clients, of the housing bust.
That $23,000 you invested in the home is only worth $50,000 if you can find the one born every minute to sell it to. Eventually, that got so outrageous, and so out of tune with reality, that people realized they were paying $50,000 for $23,000 of renovations on a home by a "flipper", and balked. And down came the house of cards.
Oh no! You must not do anything that could cause your email to end up in those idiots contact-lists.
Next time they may send something to YOUR account! Then you can kiss your account goodbye.
Come to think of it, that is a great way to get rid of a person online. Just get him on that mailers list and the court will shut him out for ya.
The worst thing is, now there is precedence in such a case so the next one is just blind copy/paste. Thow won't be abused. Surely not. The world is not that evil.