Lloyds TSB staff accused of installing hardware to steal £2 million

Bank security faces internal and external challenges

Three staff members at Lloyds TSB face charges of installing a special "high-tech computer" designed to steal passwords and more than £2 million (US$3.4 million, AU$3.6 million) from the bank.

The bank clerks, aged between 22 and 30, allegedly installed the specialist hardware on a colleague's work station to steal sensitive information, which was then used to illegally transfer money out of branches in Slough, Newbury, and Camden.

The alleged fraud was conducted between July and September 2012, with a total of £2,036,500 targeted, according to the Oxford Mail. Some of the transactions were intercepted, but the bank lost just over £440,000 (US$740,000, AU$800,000).

Device footprints

The installed device, which employed a "USB mouse, keyboard and mass storage," allowed remote access via the internet to secure banking systems, allowing easy access to bank accounts.

The bugged work station left footprints that could be investigated and used as evidence, prosecutor James Thacker said. He described the case as "unusual."

The incident was discovered after the Halifax Slough bank manager noticed a suspicious transfer of £50,000 (US$84,000, AU$90,000) during a period when the bank was actually closed. Similar unusual transactions were spotted soon after.

Attacks on banks are on the increase, prompting a recent decision by Bank of England to hire so-called "ethical hackers" to help boost security.

All three accused deny the charges.

Via Graham Cluley Blog