Thousands of customers of direct bank Comdirect could access foreign accounts for hours on Monday morning. By mistake they landed after logging into online banking not on their own account, but saw the account and deposit-Scores of other customers, a spokesman for the Commerzbank subsidiary conceded. Even changes made about the current account to the deposit had been possible, but not transfers to other accounts.
“At the client assets could be change nothing,” stressed spokesman. Overall Comdirect has around two million private customers. We have the Berlin investor lawyer Dietmar Kälberer asked what kind of consequences the incident for customers – he sees a need for action
WirtschaftsWoche: Mr. Kälberer where. direct bank Comdirect were visible due to a technology glitch foreign accounts. Existence of compensation claims
Dietmar Kälberer: In principle, yes, because the banking secrecy has been breached. Only there is no damage and no compensation. And in Germany must have originated in money such damage. Pain and suffering is the exception.
The most important answers to Comdirect data Panne
-
What happened?
A spokesman for the bank confirmed that there were technical difficulties. As the “Handelsblatt” reported landed on Monday morning a customer Comdirect Bank after logging surprisingly on another customer’s account. Accordingly, the man repeatedly logged off and on again – and had repeatedly to different accounts access. An editor of the newspaper was able to reproduce the bug and get access to an account with more than 50,000 euros amounts held in current and savings account.
Among other things, so it was possible to call even account statements. Several readers of “Heise Online” have confirmed the massive vulnerability, reports the IT professional portal. Comdirect stressed but according to current knowledge, it was not possible to manipulate the foreign data. “The customer assets remained at all times at the customer,” a spokesman said.
-
How many are affected?
According to the Comdirect spokesperson were “several thousand customers” affected by the glitch. The Commerzbank subsidiary based in Quickborn has around 2 million customers. Sufferers should “be contacted immediately.” Through its Facebook page, the Bank 1.5 announced to keep their customers up to date, by the afternoon but there were no further entries.
-
How did it come to leak?
according Comdirect the data breach was after a routine software recording at night occurred on Monday. Further details were not immediately known. After restarting the site was in the morning partly limited reach, after the problems were resolved, the spokesman said. “Heise Online” reported, citing an internal source that may be a database error was the trigger. That, however, did not confirm the speaker. The failure analysis run yet, he said.
-
Is the mishap an isolated case?
The Panne at Comdirect is not an isolated case. Beginning of June, it had come at Deutsche Bank in a massive IT glitch. Around 2.9 million accounts were affected. Here withdrawals and deposits were shown part double. The account balances were characterized displayed higher or slipped into the red. Overall, more than 13 million bookings were affected. Cause recorded German bank a processing problem that was corrected in error.
Even with the DHL came last to a vulnerability could hijack over which foreign parcel compartments. This occurred because the companies need to pick mTAN no longer sent via SMS to the customer’s telephone, special she indicated alternatively in the app. This allowed foreigners to gain easier access to the code, even without access to the mobile phone of each client.
here’s probably been hurt especially confidence …
but that the neighbor knows now that you have a stock portfolio, there are basically no redress in money. It also can be disturbing. We have in particular just at prominent or wealthy clients the problem is that this course does not want their financial circumstances and investment transactions be made public.
A common theme in such data leaks are always concerns about tax. Cash flows and the like are sometimes even very interesting for that authority.
If the violation of privacy consequences that?
No, not necessarily. Fallen legal pursuit or termination costs, customers can at the bank. Theoretically, customers could also admonish the bank and ask for a penalty clause declaration, together with attorney’s fees. That could be quite expensive for the bank. But customers are known to be cautious.
No comments:
Post a Comment