Home Communication Press Room Press Releases Back New search Date Min Max Aeronautics Automotive Corporate Cybersecurity Defense and Security Financial Healthcare Industry Intelligent Transportation Systems Digital Public Services Services Space Bank of America employee arrested for the theft of customer data 07/06/2011 Print Share News has recently broken in the USA of the arrest of a Bank of America employee for the theft of customer data by injecting malware into the bank’s ATM network. In fact, hard as it might be to believe, not all banks pay sufficient attention to the possibility of insider data theft, carried out either by a direct employee or an agent of an external service with physical access to the terminals containing sensitive information. The Bank of America has recently owned up to the fact that the scam was detected about one year ago, but it is not yet providing much information on the case since it is still under investigation. What we do know is that the bank lost about $10,000,000 to the criminals, with about 300 bank customers reporting thefts to the law enforcement agencies. One of the critical access points to sensitive information is the ATM network. Many different agents might have access to it, either logical, through the IP communications networks, or physical due to maintenance and cash top-up tasks. But it is also true that ATMs are very stable processing units that can now be protected simply, cheaply and efficiently thanks to products like checker ATM Security of the company GMV, custom built to ensure the security of the whole ATM network. GMV is convinced that attacks of this type can be easily prevented if the bank itself takes proper note of the problem and follows some simple steps designed to define access policies and authorized processes. checker ATM Security enables the bank to define and control all ATM execution processes, guarantee integral security, centralize information and keep a constant track not only of operations carried out but also any unauthorized access attempts. Among other features the product is compatible with any type of application and multi-manufacturer equipment; it has its own internal firewall and ensures compliance with the PCI-DSS data-security standards. Print Share