Skip to main content

Couple Allowed to Sue Bank for Failing to Implement Two-factor Authentication

(0 comments)

A judge has ruled that a couple can sue Citizens Financial Bank after they lost $26.500 to an online attacker:

In a ruling issued last month, Judge Rebecca Pallmeyer, of the District Court for the Northern District of Illinois, denied a request by Citizens Financial Bank to dismiss a negligence claim brought against it by Marsha and Michael Shames-Yeakel. The Crown Point, Ind. couple -- customers of the bank -- alleged that Citizens' failure to implement up-to-date user authentication measures resulted in the theft of more than $26,000 from their home equity line of credit.

There a number of interesting items in the article.  (Read the whole thing!)

  1. It was a line of credit - not a cash account.  How often do you check our LoC balance? If it is zero? 
  2. Because they reported it more than 10 days after the fact, the bank claimed they were not liable.  "It said there was no liability unless it had been notified in advance about the possibility of unauthorized use and had been given a reasonable opportunity to act on that notice."  So, they should have given advance notice of the attack?  Quick, call your bank and say that you think you might be attacked. Schedule this call monthly. 
  3. The bank had yet to implement the recommendations of the FFIEC guidelines regarding two-factor authentication.  They later did comply, but there was a gap.   
  4. As pointed out by Adam Citizen's claim that thought they were secure because "its online banking services were being provided and protected by a highly reputable company." 

 

 

Currently unrated

Comments

There are currently no comments

New Comment

required

required (not published)

optional

Recent Posts

Archive

2019
2018
2017
2016
2015
2014
2013
2012
2011
2010
2009
2008

Categories

Tags

Authors

Feeds

RSS / Atom