Judge rules against firm that lost $345k to bank trojan
Victim failed to secure account credentials
A federal magistrate judge has ruled against a small business that lost $345,000 in an online bank heist, arguing that the theft largely resulted from its own failure to secure its account credentials, according to published news reports.
Patco Construction Company sued Ocean Bank in 2009 after crooks used malware to siphon about $589,000 out of the company's account. Bank employees managed to recover about $243,000 of the pilfered funds, but held the small business responsible for the remainder. Patco asked a federal judge in Maine to hold the bank accountable for the loss, arguing bank employees should have recognized warning signs that the transactions were fraudulent.
This week's 70-page ruling (PDF) serves as a recommendation and still must be formally adopted by the judge overseeing the case. Still, it could serve as a harbinger of rulings to come. With the wide availability of malware generated from the ZeuS and SpyEye DIY kits, online bank heists have run rampant over the past few years, generating millions of dollars in losses.
Hanging in the balance is whether banks or end users should be on the hook for reimbursing those costs.
Hmmm some specifics would seem to be in order...
A little light on the details here El Reg!
How can the bank not be held responsible? What did the company do that has seen them be held accountable for the losses? The standard is that online crime comes out of the banks profits (mainly because they want people to have the confidence to use online banking), so what was the difference here?
Without this info here, this article is useless...
You do have to remember that the banks are set up specifically to exclude certain things like customer service, fraud protection, risks to their bonuses, etc.
The banks seem to be winning then
Once upon a time banks were responsible for looking after your money. It was their job to keep it safe, rather than you hiding it under the mattress.
Now it seems you have to pay for the privelige of letting the bank spend your money, award massive bonuses and they don't even have responsibility for keeping it safe any more.