Simon Says – Musings of a Technology CTO

An interesting standoff going down in Plano, Texas, between Hillary Machine Inc, a manufacturer and supplier of fabricating equipment, and their Bank, PlainsCapital.

It seems back in November 2009, Cybercriminals obtained the details to Hillarys account in the PlainsCapital online banking system, and made a series of transfers totalling $801,495.  Roughly $600,000 was recovered, and the remainder is now subject to dispute.

It seems Hillary wants the bank to reimburse the remainder, citing that their security systems and checks were inadequate. PlainsCapital in return have gone to court to prove their systems are appropriate.

Brian Krebs has a great writeup on his blog. It seems the case revolves around the fact that according to documentation, the PlainsCapital online system requires the computer of the customer to be “registered” prior to it allowing transfers, yet evidence indicates the computers used to make the transfer were in Romania.

so, why was the transfer authorized? We may never know, but if more information comes up I’ll update this post.

Don’t forget, that if your bank gets robbed and they steal your cash, the bank will replace it, but, if your online banking account gets compromised, and transactions are made using legitimate credentials via your online banking system, you may not be so lucky. In fact, it’s extremely unlikely you’ll get your money back.

For the $350 cost of a new netbook, maybe you should consider dedicating a separate computer for eBanking only, and NEVER surfing the web or installing anything on it.