19 February 2018
Visit www.avoka.com

Standard Chartered client bank statements found on hacker's laptop

06 December 2013  |  6294 views  |  1 Standard chartered main building

The private banking statements of 647 high-net-worth clients of Standard Chartered Bank have been found on the laptop of a hacker busted by Singapore Police.

Standard Chartered said the February 2013 monthly statements were culled from a server supplied by Fuji Xerox, which provides printing servers for the UK bank.

Singapore Police said the statements were recovered from the laptop of James Raj Arokiasamy, who is currently in custody awaiting charges over the alleged hacking of a local government Website.

The Monetary Authority of Singapore says it has been notified by the bank of the theft, which it claims has not compromised its IT systems or infrastructure.

"We will review SCB's investigation report and consider if regulatory action against the bank is warranted," says the regulator in a statement. "MAS has reminded all FIs to heighten their vigilance to safeguard their IT systems and customer information, including controls at third party service providers. MAS is paying special supervisory attention to FIs' compliance with MAS' requirements for IT outsourcing."

Ray Ferguson, chief executive of Standard Chartered Singapore, says: "The confidentiality and privacy of our clients are of paramount importance to us, and we take this incident very seriously."

Coincidentally, the US Federal Reserve Board yesterday released guidance reminding financial institutions it supervises to exercise appropriate risk management and oversight when using third party service providers.

The guidance does not discourage financial institutions from outsourcing activities to service providers, but says firms should be aware of the potential risks.

Says the Fed: "If service provider relationships are not managed effectively, they may expose financial institutions to risks that can result in reputational problems, financial loss, or regulatory actions."

Comments: (1)

Keith Appleyard
Keith Appleyard - available for hire - Bromley | 06 December, 2013, 13:49

Who does this not surprise me.

When I was doing a Due Diligence of Acquiring a Credit Card portfolio based in Leeds, I found that the systems documentation stated that the Statements had been outsourced and were produced in Bristol by CSC. A little research via Google showed that this datacentre had been closed down, and the Statements were being produced by CSC in Melbourne Australia. Further research by me showed that the PIN Mailers were also being sent (unencrypted) to the other side of the world to be printed, and then mailed back to the UK via the public postal service.

So try hacking the print servers - its easy.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Standard Chartered Hong Kong opens digital branch

Standard Chartered Hong Kong opens digital branch

07 November 2013  |  6672 views  |  2 comments | 2 tweets | 5 linkedin
Standard Chartered Singapore embeds security tokens in cards

Standard Chartered Singapore embeds security tokens in cards

06 November 2012  |  13694 views  |  2 comments | 10 tweets | 6 linkedin
Swiss regulator slams HSBC over data theft

Swiss regulator slams HSBC over data theft

01 March 2011  |  8930 views  |  0 comments
Julius Baer whistleblower hands over offshore bank details to WikiLeaks

Julius Baer whistleblower hands over offshore bank details to WikiLeaks

17 January 2011  |  10353 views  |  0 comments
Spain uses stolen HSBC data for tax probe

Spain uses stolen HSBC data for tax probe

25 June 2010  |  11503 views  |  0 comments
HSBC admits IT employee stole data on 15,000 private client accounts

HSBC admits IT employee stole data on 15,000 private client accounts

11 March 2010  |  10894 views  |  0 comments

Related company news

 

Related company information

Standard Chartered Bank

Related blogs

Create a blog about this story (membership required)
Visit www.vasco.comvisit www.nextgenbanking.co.ukVisit https://www.capgemini.com

Top topics

Most viewed Most shared
Saudi central bank provides sandbox for banks to try out Ripple techSaudi central bank provides sandbox for ba...
11463 views comments | 16 tweets | 12 linkedin
ABN Amro moves escrow accounts to the blockchainABN Amro moves escrow accounts to the bloc...
9025 views comments | 15 tweets | 13 linkedin
ECB launches staunch defence of cashECB launches staunch defence of cash
8887 views 10 comments | 22 tweets | 26 linkedin
Aussie real-time payments platform goes liveAussie real-time payments platform goes li...
8795 views comments | 15 tweets | 43 linkedin
Coinbase and Visa at loggerheads over erroneous charges on customer crypto accountsCoinbase and Visa at loggerheads over erro...
7395 views comments | 12 tweets | 10 linkedin

Featured job

Basic c. EUR 90K OTE c. EUR 180K plus full bene...
Paris (preferred) or London

Find your next job