-
The “Security Breach” and your Incident Response Program
Last week Wells Fargo said that some of their customers in South Carolina and Florida received portions of other customers’ bank statements in the mail as the result of a printer error. Essentially a printer malfunction caused some printed statements to contain a portion of another customer’s statement to be appended to the bottom. A…
-
SAR Filings – Computer Intrusion vs. Identity Theft
The Financial Crimes Enforcement Network (FinCEN) publishes a statistical summary and review of all suspicious activity report (SAR) filings a couple of times per year. The latest one was just released in May covering the 10 year period from 1/1/2001 through 12/31/2010. I thought it might be interesting to see how the category of Computer…
-
Incident response – to report or not?
For the purposes of regulator reporting and customer notification, it is critical that we first define an “incident”. Here is how an incident is defined by the FFIEC:
-
ID Theft and SAR filings
In the past, authoritative reports on identity theft have used surveys conducted with the general public to collect ID theft related data. However…
