Bank employee steals 100,000 sheqels

Flask Data provides a one-stop cloud subscription for EDC, data management and statistics.

This is a classic case of trusted insider threat  – as reported by yesterday’s morning paper – “Israel Today”: ( i assume that this has been under investigation for a while so the actual event may have happened over a year ago…).

The arrest sheet in the Tel Aviv district court depicts collusion between an information security employee and outsiders.

An employee in the information security department of the First International Bank in Tel Aviv has been charged as an accessory in a theft of over 100,000 shekels from bank customers.  The employee, Dan Tirspolski exploited access to confidential information to identify foreign resident customers of bank and their online user names and passwords. The foreign residents, not being physically present in Israel – use the Internet to occasionally access their account. He then transferred this information to accomplices outside the bank who used their Internet access to withdraw money from the accounts.

The case reveals a direct link between data loss, fraud and money theft.   The trusted insider did not exploit a vulnerability of weak passwords – in cases like this, trusted insiders are insider threats that exploit a minimum of two vulnerabilities in the bank’s software applications – both vulnerabilities are a violation of the principle of separation of duties:

  1. One application may disclose clear text versions of the username password relating to a particular account number
  2. Another application may disclose account details such as the address and the fact that the bank customer is a foreign resident and not physically present in Israel – enabling the crime where a malicious insider collaborated with malicious outsiders.

Read more about data breaches and the consequences for managers who ignore data security.

Related Posts Plugin for WordPress, Blogger...

Flask Data is a technology company with a strong people focus. We are a diverse group of computer scientists and clinical operations specialists based in Israel, the US and India. We are accomplished at providing our customers with the most effective way to achieve high quality clinical data and assure patient safety. There is no single solution that works for every clinical trial. We work hard to understand your unique situation. We work with your team to develop the best solution to achieve high quality clinical data and assure patient safety the same day you engage with patients.

Flask Data – same data data and safety solutions for clinical trials.

Contact us to learn more

Tell your friends and colleagues about us. Thanks!
Share this

Leave a Reply