Bank of Manhattan Warns of Potential Data Leak

[Karamjit]

Improper use of USB drive with sensitive info

A data security and protection notification has been issued by the Bank of Manhattan Mortgage Lending, following the discovery that one of its employees used sensitive customer information in a manner that contradicts the organization’s policies and instructions.

A period for the insecure practice was not provided publicly by the financial institution, which is currently investigating in order to learn the full extent of the incident.

Social security numbers included in potentially exposed records

According to current findings, the employee handled mortgage loan files available on a removable storage drive improperly, which could have resulted in exposing customer names, addresses, loan numbers, phone numbers, credit information and other financial data, along with their social security numbers.

All this information could serve for criminal activities such as applying for obtaining a fraudulent credit line in the name of the victim.

The bank does not make it clear what the nature of the incident is, which may refer to plugging the USB drive with the sensitive information into a computer that did not meet agreed security standards, thus exposing the data to information-stealing malware.

Free credit monitoring and identity theft protection offered

The portable storage unit has been recovered and the bank says in a letter to affected customers in California that there is no indication that the data on it has been used fraudulently or improperly or that it was disclosed to unauthorized parties.

“Please be assured that we have taken every step necessary to address the incident to date, and that we will continue to investigate and take any additional steps that may be required. We are committed to fully protecting the information you have entrusted to us,” the organization informs.

Potentially impacted individuals have been notified of the matter and are provided protection against credit fraud and identity theft, free of charge, for a period of 12 months. They can also address questions to a call center number provided in the letter.

Source