Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cyber Thieves Claim To Hit Two Big Canadian Banks (reuters.com)

Posted by msmash on from the take-a-note dept.

New submitter Heritype writes: Bank of Montreal, Canada's fourth biggest lender, said on Monday it was contacted by fraudsters on Sunday who claimed they were in possession of the personal and financial information of a limited number of the bank's customers. The bank said it believed the attack originated from outside the country and was confident the exposures that led to the theft of customer data had been closed off.

Canadian Imperial Bank of Commerce, Canada's fifth biggest lender, said fraudsters contacted the lender on Sunday claiming they had electronically stolen personal and account information of 40,000 customers of its Simplii direct banking brand.
Other Canadian banks said they had not been affected. Further reading: BMO and CIBC-owned Simplii Financial reveal hacks of customer data.

7 of 20 comments (clear)

  1. Haha! Jokes on them! by Anonymous Coward · · Score: 1, Funny

    Canadian dollars ain't worth jack!

  2. Actually made public. by ls671 · · Score: 2

    The unusual part of this is that this one got published. Usually, nobody ever hears about such things although they happen more often that you might come to expect at first.

    --
    Everything I write is lies, read between the lines.
    1. Re:Actually made public. by Anonymous Coward · · Score: 1

      CBC link has more details. tl;DR - bad guys went public on their own. The language from the banks is quite baffling though. They make it sound like their own systems detected the breach which is false. Also not clear where the 40k users came from since, at least according to the CBC, only two were given as an example.

      Likely more to this. I mean they won't even say where the attacks came from.

  3. Why would they do that? by houghi · · Score: 2

    Why would they claim to have done it? Even if true, why would they admit to it, even anonymously. Most thieves would want this sort of thing never to get public and will deny everything from the start.

    Or might it be the bank that claims it? That would be worse. Why would they claim it and not state it. Are they not sure that it happened? Or are they not sure that it was theft or even illegal and not just a standard transaction?
    I can imagine the call I might get:
    "We have no idea where your money went. Probably some hackors or russions or terroristsers. You know how it is with these Intertubes. Oh well. These things happen. If we get your money back somehow, we will call you. Now have a nice day and sorry."

    --
    Don't fight for your country, if your country does not fight for you.
    1. Re:Why would they do that? by sinij · · Score: 4, Interesting

      Why would they claim to have done it?

      Likely it was a blackmail attempt and public disclosure is a result of failing to pay.l

  4. Sounds off by PKFC · · Score: 1

    Like anyone of any importance at a bank could be reachable by a random outsider on a Sunday. And given how little most companies care about security, I would be surprised if anyone would actually respond.

    1. Re:Sounds off by danomac · · Score: 1

      CIBC was in the news last year because they decided to outsource to India. I'd wager that security isn't high on their priorities list.

      Glad to see it's working out for them. (More seriously, who didn't see this coming?)