Security News > 2018 > March > Frost Bank Says Data Breach Exposed Check Images
Frost Bank, a subsidiary of Cullen/Frost Bankers, Inc., announced on Friday that it discovered the unauthorized access to images of checks stored electronically. According to the company, it discovered last week that a third-party lockbox software program had been compromised, resulting in unauthorized users being able to view and copy images of checks stored electronically in the image archive. Frost Bank systems weren’t impacted in the incident, Frost says. Customers can use lockbox services to send payments to a central post office box. The bank receives the payments and credits them directly to a business’s account. The information that was accessed as part of the incident could be used to forge checks, the company says. The company says it stopped the identified unauthorized access immediately after discovering it, and that it also launched an investigation into the matter. Frost says it is working with an unnamed cybersecurity firm to investigate the incident and that the law-enforcement authorities have been informed as well. “At Frost, we care deeply about taking care of our customers and protecting their information, and we regret that this situation has occurred. We are working very hard to make things right,” Frost Chairman and CEO Phil Green said in a statement. According to the company, the unauthorized access was limited to a software program serving around 470 commercial customers using the electronic lockbox. The fraction of impacted Frost customer base might experience forgeries on accounts or could be informed of compromised check images. Related: Hybrid Bank Heists Net Millions in Cash for Criminals Related: U.S. Banking Regulator Hit by 54 Breaches in 2015, 2016 (function() { var po = document.createElement("script"); po.type = "text/javascript"; po.async = true; po.src = "https://apis.google.com/js/plusone.js"; var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(po, s); })(); Tweet Ionut Arghire is an international correspondent for SecurityWeek. Previous Columns by Ionut Arghire:Frost Bank Says Data Breach Exposed Check ImagesFirefox Fails at Keeping Passwords Secure, Developer ClaimsChina-linked Hackers Target Engineering and Maritime IndustriesGitHub Paid $166,000 in Bug Bounties in 2017PinkKite POS Malware Is Small but Powerful Register for the 2018 CISO Forum at Half Moon Bay 2018 ICS Cyber Security Conference | Singapore [April. 24-26] 2018 ICS Cyber Security Conference | USA [Oct. 22-25] sponsored links Tags: NEWS & INDUSTRY Incident Response
News URL
Related news
- ADT confirms data breach after customer info leaked on hacking forum (source)
- CSC ServiceWorks discloses data breach after 2023 cyberattack (source)
- How to Prevent Your First AI Data Breach (source)
- Toyota confirms third-party data breach impacting customers (source)
- National Public Data Breach: Only 134 Million Unique Emails Leaked and Company Acknowledges Incident (source)
- CannonDesign confirms Avos Locker ransomware data breach (source)
- Patelco notifies 726,000 customers of ransomware data breach (source)
- Nearly 1/3 of Companies Suffered a SaaS Data Breach in Last Year (source)
- Park’N Fly notifies 1 million customers of data breach (source)
- GDPR Data Breach Notification Letter (Free Download) (source)