Forget Hackers, Watch Out for Bank Tellers - Technologist
Technologist - The FindLaw Legal Technology Blog

Forget Hackers, Watch Out for Bank Tellers

When it comes to protecting your financial information -- and your cash -- hackers aren't the only risk.

Bank tellers and bank managers have instant access to your Social Security number, your signature, leading to rampant abuse, according to prosecutors and security experts.

When the Robbers Are in Charge of the Bank

Many consumers couldn't tell you the last time they used a bank teller, and that's part of the problem. As ATMs, direct deposit, and online banking have proliferated, the once "sober, respected role" of tellers has diminished, according to a recent report on teller fraud in The New York Times. Tellers today are underpaid and often lack a personal connection to the bank's customers.

"Tellers and employees at retail branches, who can gain access to a customer's information with a few taps of a keyboard, are at the centers of" schemes to defraud customers, according to the Times. That can mean siphoning off money from accounts directly, stealing identities, or selling customer information on the black market. The wealthy and elderly are at particular risk, according to experts.

The total extent of unscrupulous bank tellers' fraud is unknown, but individual cases show that plenty has been taken. A teller in Chicago was caught withdrawing over $2 million from customers at several banks. Another in White Plains, New York was convicted after nabbing $850,000. A teller in Brooklyn was recently nabbed after selling personal information for $2,500 a customer.

The Threat Within

The Times' report serves as an important reminder of something that often goes overlooked: security risks aren't just from outsiders -- hackers breaking in to the bank's databases, or Bonnie and Clyde storming the vaults, guns blazing. Disgruntled, incompetent and unethical employees post security risks in all businesses.

A recent study by Baker Hostetler, one of the nation's largest intellectual property focused law firms, found that more than half of all data breaches were caused by someone inside the company, not hackers or thieves. Employee negligence was responsible for security breaches in 36 percent of the cases studied, and theft from insiders was behind another 16 percent. Theft by outsiders, malware, and phishing attacks were responsible for just 49 percent of breaches.

The profusion of in-house breaches had lead for calls to limit employee access to sensitive data, in banks and elsewhere.

Related Resources: