This page contains a Flash digital edition of a book.
A


major court ruling coming out of the US this month looks set to re-define the importance of internet security both for individuals and small businesses.


A judge in the US state of Maine has issued a ruling that the bank of a small business customer who’s account was hacked and had more $300,000 stolen was not responsible for the loss of the money. In the judges ruling he confirmed the requirement on customers to ensure they act to protect account details and have the necessary robust internet security protection.


The appellant in the case was Patco Construction Company, a family-owned business based in Sanford, Maine which had brought a law-suit against it bank, Ocean Bank after discovering that hackers had been withdrawing about $100,000 per day from its online bank account. The fraud had been perpetrated after the hackers sent a malicious e-mail to Patco employees which installed the Zeus password-stealing trojan on an employee’s computer.


By the time the fraud was uncovered, almost $600,000 had been transferred from the Patco account although $240,000 was stopped in the process of the transaction after the alarm was raised. Patco sued Ocean Bank for failing to detect the fraudulent activity and the irregular nature of the transactions. Patco additionally claimed that Ocean Bank had failed to implement “best” security practices of requiring customers to use multifactor authentication processes.


Judge John Rich presiding commented that whilst Ocean Bank could have done more to authenticate transactions


the law does not require banks to implement the best


security processes but they must merely make it clear to all customers when they sign up about the level of security provided and the level of liability that the bank will assume.


Judge Rich also noted that Ocean Bank’s level of security was comparable to that at other banks and that ultimately, Patco was responsible for the loss, because it had not better secured its account credentials.


The decision will raise further questions about the levels of security that banks and financial institutions can be reasonably required to provide customers and is likely to be seen as setting precedent for liability in circumstances where the customers system has been hacked and banking information stolen.


08 entrepreneurcountry


$300 $ $


Reason Why Secu Business Resp


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60