Bank officials are selling customer data in backroom deals with online fraudsters, facilitating sophisticated scams targeting Americans' survival savings, the report says.
These bank insiders, typically the lowest-paid employees, continue to be arrested for selling personal information, exposing major weaknesses in banks' security. Bloomberg News reported.
“The more employees within a company have access to sensitive customer information, the greater the risk that that access will be misused,” said RJ Cross, a privacy advocate with the US Public Interest Research Group.
Nearly a decade ago, then-New York State Attorney General Eric Schneiderman ordered companies such as JPMorgan Chase, Bank of America, and Citigroup to take action after discovering an increase in internal data breaches. Major banks have been warned to strengthen their internal security measures.
Banks have told lawmakers and the public that they have a responsibility to protect their customers from being scammed, but the trend has only gotten worse over time.
According to one study, elder fraud complaints to the FBI's Internet Crime Complaint Center spiked 14% last year, and related losses rose 11%. government report It was released earlier this year.
The case cited by Bloomberg involved a new Toronto-Dominion Bank employee hired to detect money laundering from a New York outpost. Manhattan prosecutors say she instead used her internal access to leak customers' personal information to a criminal network via Telegram. Detectives said her phone had photos of 255 checks from bank customers and personal information for another 70 checks.
Wade Helms, an employee of Navy Federal Credit Union, is suspected of writing customers' personal information in a notebook, creating a Telegram account and posting that he was looking for a buyer, Florida authorities said.
Prosecutors said he was talking on the phone and on a computer next to his desk in his office with a Telegram user who claimed to be the broker for the stolen data.
By the time Navy Federal discovered the breach, a Telegram page called “Navy Wave” used to compromise customer data had exposed as many as 50 accounts for more than 2,700 subscribers.
Helms pleaded no contest to 11 charges in a deal with prosecutors earlier this year and was sentenced to 10 years of probation. He was ordered to pay approximately $9,100 in restitution to the credit union.
“The Federal Navy takes all necessary precautions to protect the personal and financial information of our members,” a spokesperson told the Post in a statement, adding that it constantly strengthens its security measures.
Jonathan Lopez, a former federal prosecutor who specializes in bank crime cases, told Bloomberg that it's difficult for companies to stay on top of crime trends as they expand their workforces.
“In many cases, this problem is not due to a flaw in the program, but may involve a huge number of people,” Lopez said. “Although it may not be possible to reduce fraud rates to zero, financial institutions should be encouraged to continue striving to drive their fraud and insider fraud rates as close to zero as possible.”
Attorney General Merrick Garland says Canada-based TD Bank accepted gift cards and cash bribes from multiple branch employees to receive debit cards that they used to open accounts and send money to Colombia. The company has been fined $3 billion in a historic settlement with U.S. authorities.
A New York-based TD branch manager stole more than $200,000 from an elderly customer's account, even after the retiree had passed away. TD later fired the banker, but the banker admitted to the crime and was sentenced to more than a year in prison. His lawyer said he stole funds to pay for his son's college tuition.
In September, authorities in New York accused Dahlia Sewell, a new member of the TD scheme, of taking images of customers' checks and posting them on Telegram with instructions on how to steal from their accounts. A network of New York fraudsters was later charged with $500,000 in check fraud, according to the Manhattan District Attorney's Office.
Mr. Sewell has pleaded not guilty to unlawful possession of personal information.
“In both cases, the employees were terminated and we fully cooperated with the authorities' investigation,” a TD spokesperson told Bloomberg. “As we have consistently said, these individuals do not represent our 30,000 colleagues in the United States who serve our customers with integrity.”
In Louisiana, federal prosecutors accused outsourced employees of the international call center Teleperformance of selling information on elderly USAA customers. Federal prosecutors say the scheme lasted three years.
Teleperformance told Bloomberg: “We fully cooperated with authorities in their investigation and immediately terminated the employee upon learning of the incident.” “We work closely with our clients to minimize employee access to customer account information, include only access necessary to provide services, and minimize the risk of fraud as much as possible. ”
Teleperformance employees have pleaded guilty to conspiracy to commit bank fraud and are awaiting sentencing.
TD Bank, Teleperformance and USAA did not immediately respond to The Post's requests for comment.
