Tuesday, December 9, 2008

German Banks pwned

Well, German banking customers. Most of them are - 21 Million accounts. That about 75% of everyone in Germany.
Identity thieves who claim they stole details of 21 million German bank accounts are offering to sell the data on the black market for €12 million (US$15.3 million), a German magazine reported over the weekend.
To prove they weren't bluffing, the crooks produced the compact disc containing the names, addresses, phone numbers, birthdays account numbers, and bank routing numbers of 1.2 million accounts. Two investigative reporters for WirtschaftsWoche say they obtained the CD during a face-to-face meeting at a hotel in Hamburg with two individuals involved with the theft. The journalists were posing as interested buyers working for a gambling operation.
"We took away with us the first delivery, a CD with 1.2 million accounts, that we couldn't imagine," said one of the editors overseeing the investigation. "In the worst case, three out of four German households would have to be afraid that some money could be taken from their checking account without their authorisation, and perhaps even without their realising it," the magazine stated.
It's not clear how this was done, and given the level of the fraud here ($15M), there's plenty of opportunity for inside jobs.

For example, the Bad Guys could have paid a system administrator for an extra backup tape.

Whether this is Internet crime or not, this is likely a billion dollar data breach. More importantly, the banking system in one of the G-8 countries can no longer be considered trustworthy: for any international transfer, the non-German bank cannot be certain that the transfer is legitimate.

If the situation actually is what the investigation says it is, this is Epic Fail.

Cue Vince from ShamWow: These bank accounts are made in Germany. You know they make great stuff.

No comments: