Attacks/Breaches

4/20/2018
05:39 PM
100%
0%

SunTrust Ex-Employee May Have Stolen Data on 1.5 Million Bank Clients

Names, addresses, phone numbers, account balances, may have been exposed.

SunTrust Bank said a former employee may have stolen names, addresses, phone numbers, and account balances of some 1.5 million of its clients. 

The employee tried to download the client contact information six- to eight weeks ago in an attempt to provide the data to a criminal from outside the organization, Reuters reports.

SunTrust CEO William Rogers in an earnings call said there was no indication of fraudulant activity using the client information, and it appears the data had not been sent outside the bank.

The bank is now offering free identity protection services to all of its customers for the "potential data threat," according to a press announcement from SunTrust. 

"The company became aware of potential theft by a former employee of information from some of its contact lists. Although the investigation is ongoing, SunTrust is proactively notifying approximately 1.5 million clients that certain information, such as name, address, phone number and certain account balances may have been exposed," the bank said in a press statement. "The contact lists did not include personally identifying information, such as social security number, account number, PIN, User ID, password, or driver's license information. SunTrust is also working with outside experts and coordinating with law enforcement."

Read more here  and here.

Interop ITX 2018

Join Dark Reading LIVE for two cybersecurity summits at Interop ITX. Learn from the industry’s most knowledgeable IT security experts. Check out the security track here. Register with Promo Code DR200 and save $200.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
4/26/2018 | 6:41:13 AM
Re: Reputation of SunTrust
Agree - but one very real byproduct under any condition is that the IT staffers feel abused and treated with zero respect.  Ego?  SunTrust has zero respect for IT under any condition.  Now this is speculatoin of course - could be just a bad apple all around.  That happens too.  
BrianN060
50%
50%
BrianN060,
User Rank: Ninja
4/23/2018 | 1:40:27 PM
Re: Reputation of SunTrust
@REISEN: You're right, if you're saying that US-based outsourcing isn't necessarily an appropriate, safe or effective solution, for the outsourcing company or the country; but neither is an in-house IT department - in all cases.  My point is that offshoring invariably creates Information System vulnerabilities which outweigh perceived cost savings; and that the loss of US jobs (and the incentive to train our people to fill those jobs), is detrimental.  You're wrong if you think the choice of terms, outsourcing or offshoring, is irrelevant. 
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
4/23/2018 | 12:55:15 PM
Re: Reputation of SunTrust
Call it whatever you want - yes outsourcing can be internal USA such as to IBM of course.  But it shows a lack of respect for good It management and protocols.  I spent 8 months at a local site supporting 45 users who had their IT support "off-shored" to Wipro and it was a disaster.  Also local WiPro protocols were horrible too.  It was an uphill battle.  Management had zero, repeat, zero respect for IT until this disaster began to hit.  SunTrust does not by indication respect it either.    I am not surprised by this article. 
BrianN060
50%
50%
BrianN060,
User Rank: Ninja
4/23/2018 | 10:58:51 AM
Re: Reputation of SunTrust
Calling it "outsourcing" when what they're doing is "offshoring" has been a rhetorical smokescreen for decades.  Using the inherent ambiguity of language to imply something is less objectionable, by inclusion within a broader definition, is common practice.  Yes, offshoring is a form of outsourcing; but ramifications for security and the economy for the former are dramatically different than for outsourcing which is kept within one jurisdiction and symbiotic economy.  Outsourcing to a company which offshores any of its work is at least as troubling, and much more insidious. 

Those who understand the risks and negative consequences of offshoring shouldn't make it any easier for those who want to obscure their use of the practice, by calling it outsourcing
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
4/23/2018 | 8:14:56 AM
Reputation of SunTrust
Look this one up on Google for outsourcing --- they LOVE to fire American workers and send jobs to India.  Big stink a few years ago when staffers were required, of course, to train replacements and also sign non-disclosure statements.  They back-tracked the latter part but still their IT is all Bangalore based and thus horrible.  So this action is NOT a surprise at all.  You get what you pay for. 
Election Websites, Back-End Systems Most at Risk of Cyberattack in Midterms
Kelly Jackson Higgins, Executive Editor at Dark Reading,  8/14/2018
Intel Reveals New Spectre-Like Vulnerability
Curtis Franklin Jr., Senior Editor at Dark Reading,  8/15/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-13435
PUBLISHED: 2018-08-16
** DISPUTED ** An issue was discovered in the LINE jp.naver.line application 8.8.0 for iOS. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method to disable passcode authentication. NOTE: the vendor indicates that this is not an attack of interest w...
CVE-2018-13446
PUBLISHED: 2018-08-16
** DISPUTED ** An issue was discovered in the LINE jp.naver.line application 8.8.1 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary passcode. ...
CVE-2018-14567
PUBLISHED: 2018-08-16
libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.
CVE-2018-15122
PUBLISHED: 2018-08-16
An issue found in Progress Telerik JustAssembly through 2018.1.323.2 and JustDecompile through 2018.2.605.0 makes it possible to execute code by decompiling a compiled .NET object (such as DLL or EXE) with an embedded resource file by clicking on the resource.
CVE-2018-11509
PUBLISHED: 2018-08-16
ASUSTOR ADM 3.1.0.RFQ3 uses the same default root:admin username and password as it does for the NAS itself for applications that are installed from the online repository. This may allow an attacker to login and upload a webshell.