Shostack + Friends Blog Archive


Wachovia, Bank of America, Commerce Bancorp, and PNC Bank NA, 500,000, Employees Double Dipping

Electronic account records for some 500,000 banking customers at four different banks were allegedly stolen and sold to collection agencies in a data-theft case that has so far led to criminal charges against nine people, including seven former bank employees.

Police in Hackensack, N.J., are continuing their investigation into the theft by a crime ring that apparently accessed the data illegally through the former bank employees.

So Computerworld tells us, in “Data theft involving four banks could affect 500,000 customers.” The story mentions a “crime ring,” but its not clear what that ring did, other than stock a private database, owned by Orazio Lembo Jr., to compete with Choicepoint. MSNBC tells us in “Massive bank security breach uncovered in N.J.” that:

The employees are accused of turning over customer bank account numbers and balance information for a profit [fee, really] of $10 per account. Even a state employee is accused of providing private information from state employment files.

North Jersey News names names in “9 charged in bank data scheme:”

Lembo resold the information to the collection agencies and attorneys for $70 to $100, Zisa said. He even allegedly sold package deals that included employer information supplied by the state worker, Rivera, 42, of New Milford. [Rivera is a manager in the Jersey City office of the New Jersey Department of Labor.]

Zoran Levajac of Totowa [At the West Caldwell branch of Commerce Bank], Kathleen Lovelace, 35, of Kearny, then paid James Digangi, 27, of Elmwood Park, and Anthony Diamanti, 29, of Clifton.

Also charged were Kelvin Diaz, 27, of Hackensack, an employee at Bank of America branches in Elmwood Park and Paterson; Myron Frierson, 29, of Teaneck, a financial specialist for Wachovia Bank in Elmwood Park; and Maurice Williams II, 28, of Hackensack, a financial specialist for First Union/Wachovia in Bogota.

(Via Jim Horning, at Nothing is as simple as we hope it will be, Another Massive Personal Information Theft.)

[Update: If you find this interesting, you might also be interested in my posts on breaches, or the Choicepoint debacle. Or just take a look around the blog.]