20 August 2017
Find out more

Standard Chartered client bank statements found on hacker's laptop

06 December 2013  |  6154 views  |  1 Standard chartered main building

The private banking statements of 647 high-net-worth clients of Standard Chartered Bank have been found on the laptop of a hacker busted by Singapore Police.

Standard Chartered said the February 2013 monthly statements were culled from a server supplied by Fuji Xerox, which provides printing servers for the UK bank.

Singapore Police said the statements were recovered from the laptop of James Raj Arokiasamy, who is currently in custody awaiting charges over the alleged hacking of a local government Website.

The Monetary Authority of Singapore says it has been notified by the bank of the theft, which it claims has not compromised its IT systems or infrastructure.

"We will review SCB's investigation report and consider if regulatory action against the bank is warranted," says the regulator in a statement. "MAS has reminded all FIs to heighten their vigilance to safeguard their IT systems and customer information, including controls at third party service providers. MAS is paying special supervisory attention to FIs' compliance with MAS' requirements for IT outsourcing."

Ray Ferguson, chief executive of Standard Chartered Singapore, says: "The confidentiality and privacy of our clients are of paramount importance to us, and we take this incident very seriously."

Coincidentally, the US Federal Reserve Board yesterday released guidance reminding financial institutions it supervises to exercise appropriate risk management and oversight when using third party service providers.

The guidance does not discourage financial institutions from outsourcing activities to service providers, but says firms should be aware of the potential risks.

Says the Fed: "If service provider relationships are not managed effectively, they may expose financial institutions to risks that can result in reputational problems, financial loss, or regulatory actions."

Comments: (1)

Keith Appleyard
Keith Appleyard - available for hire - Bromley | 06 December, 2013, 13:49

Who does this not surprise me.

When I was doing a Due Diligence of Acquiring a Credit Card portfolio based in Leeds, I found that the systems documentation stated that the Statements had been outsourced and were produced in Bristol by CSC. A little research via Google showed that this datacentre had been closed down, and the Statements were being produced by CSC in Melbourne Australia. Further research by me showed that the PIN Mailers were also being sent (unencrypted) to the other side of the world to be printed, and then mailed back to the UK via the public postal service.

So try hacking the print servers - its easy.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Standard Chartered Hong Kong opens digital branch

Standard Chartered Hong Kong opens digital branch

07 November 2013  |  6268 views  |  2 comments | 2 tweets | 5 linkedin
Standard Chartered Singapore embeds security tokens in cards

Standard Chartered Singapore embeds security tokens in cards

06 November 2012  |  13276 views  |  2 comments | 10 tweets | 6 linkedin
Swiss regulator slams HSBC over data theft

Swiss regulator slams HSBC over data theft

01 March 2011  |  8672 views  |  0 comments
Julius Baer whistleblower hands over offshore bank details to WikiLeaks

Julius Baer whistleblower hands over offshore bank details to WikiLeaks

17 January 2011  |  10261 views  |  0 comments
Spain uses stolen HSBC data for tax probe

Spain uses stolen HSBC data for tax probe

25 June 2010  |  11359 views  |  0 comments
HSBC admits IT employee stole data on 15,000 private client accounts

HSBC admits IT employee stole data on 15,000 private client accounts

11 March 2010  |  10751 views  |  0 comments

Related company news

 

Related company information

Standard Chartered Bank

Related blogs

Create a blog about this story (membership required)
visit www.worldpaymentsreport.comdownload the paper nowvisit www.niceactimize.com

Top topics

Most viewed Most shared
Mobile contactless spending accelerating in UKMobile contactless spending accelerating i...
10198 views comments | 23 tweets | 23 linkedin
Norwegian banks and startups form fintech clusterNorwegian banks and startups form fintech...
8544 views comments | 19 tweets | 23 linkedin
hands typing furiouslyWhy Is Risk Analytics Important?
8281 views 0 | 3 tweets | 1 linkedin
RBS to bring Silicon Valley to EdinburghRBS to bring Silicon Valley to Edinburgh
8208 views comments | 10 tweets | 7 linkedin
Barclays pairs banking data with third party apps for SmartBusiness DashboardBarclays pairs banking data with third par...
7483 views comments | 15 tweets | 14 linkedin