A US bank has finally settled with a former business customer after years of legal wrangling over who was responsible for the loss of more than $500,000 in a cyber-attack.
In 2009 malware was used to steal Patco Construction Company's online banking credentials which the crooks then tapped to make ACH transactions worth hundreds of thousands of dollars.
Patco sued People's United - then called Ocean Bank - for the money it lost, arguing that the bank should have spotted the fraud and stopped it. The construction firm also said that by not requiring customers to use multi-factor authentication, Ocean did not use best practice.
Last year a court backed the bank but in July this was reversed by the First Circuit Court of Appeals in Boston, which called People's security measures "commercially unreasonable".
According to BankInfoSecurity, the court also told the pair that they should look to agree an out-of-court settlement. This advice has been taken and the bank has agreed to pay Patco for its losses. Initially the construction firm had also sought damages and legal fees.
© Finextra Research 2013