August 2, 2008
Local Fraud which occurred as a result of the May hack into 1st Source Bank, may have a broader connection. South Bend Trib Article.
July 8, 2008
Here is what I’ve been searching the web for, a small line to the Chicago Trib, but a big message for me (written June 5th), "A security consulting firm alerted 1st Source after discovering the breach on May 12, the day it occurred."
So, for those of us who had duplicate transactions on May 4th – No, we can not say the bank’s delay in returning the money that it wrongfully encumbered (in my case for over 72 hours), was due to investigations into a security breach.
Missed this one from The International Herald Tribune on June 18th. Finally some quotes from the FBI!
June 24, 2008
Other banks just turned off debit cards without notifying customers?
June 23, 2008
Regional ATM frauds tied to 1st Source Bank breach: Fox 28 News Here.
June 17th and 18th 2008
Several local bank customers report fraudulent withdrawals. Some wondering if it could be related to the First Source Security breach discovered May 12th. WNDU report here. WSBT’s report here gives more detail on the current theory that the First Source breech targeted debit cards and PIN numbers of other institutions using First Source’s ATM machines.
June 10th, 2008
Good questions: http://spylogic.net/index.php/item/275
June 3rd, 2008
I found this quote interesting relative to the May 4th incident in which a couple hours of that Sunday’s transactions were submitted twice (and not by the vendors).
"Seitz wouldn’t disclose the size of the debit card file, but says the bank is reissuing all cards, which are MasterCard-branded, as a precaution. 1st Source also is offering customers free credit-report monitoring for a year. Seitz would not say whether the hackers broke into the server only on May 12. " (emphasis mine). From Digital Transactions
May 31, 2008
There’s more to it than this. In the explanation I was given via telephone yesterday, the event of Sunday May 4th (where over 100+ debit transactions during a 3 hour period caused ‘double-dipping’ of accounts) was DURING THE TIMEFRAME of the hack.
If the hack occurred May 12th, then the 72 hours it took the bank to credit my account (and others) for the 2nd ‘accidental’ (?) transaction has no excuse.
James Seitz, Senior Vice President of Electronic Banking, earlier had implied to me that the May 4th event essentially boiled down to a regional slow-down of the internet due to several theft incidents concerning AT&T copper (which I don’t believe was live copper anyway, from accounts I’ve read). That’s what he said.
From my point of view, Database Administrators must’ve re-applied transaction logs without pruning them, and done so as a remediation. But as a remediation to what initial event
Meanwhile, yesterday’s phone call with Mary Chmiel (incredibly nice lady, frank and to the point, does customer service well), another Senior Vice President, seemed to indicate that the company MasterCard initiated the re-application of transactions which caused those of us shopping on that May 4th Sunday to have our transactions debited twice. But why? Why did MasterCard do it?
That is not clear to me. Of course, I haven’t received my letter yet. Maybe this afternoon’s mail will explain it to me.
May 24, 2008
United States Postal Service and First Source Resource Cards?
After running for gas and calling Pat, I went out again, to the Edison Road US Post Office. My Resource Card swiped, the postal employee says, "I’m sorry. There was a problem with your card." Now I’m savvy. I don’t freak. I just sigh in a dejected sort of way. Can you run it as a credit card? She can. This errand is done. Now it’s bank to phone the bank.
Are these two incidents related? Julie at Maple Lane branch says no. The USPS point of sale system regularily has problems with First Source Resource Cards. Now I want to know if the US postal service POS system regularily has problems with ALL debit cards, or only with First Sources’ and if so, why?
"INVALID PIN" at the Pumps
Thursday May 22, 2008
Last night my car was running on fumes, so this morning -without breakfast, because I was out of yogurt and needed to buy it at Martin’s as well- I left the house early (about 7:15am), headed down to the local Martin’s supermarket /gas station , ran my debit card through at the pump, and …
Not again. Not again!
Only this time First Source had really done it. The pump displayed "Invalid PIN." Maybe I’m protein deprived? I tried again. Really, I knew already it would never work, it was the disbelief that First Source Bank’s electronic systems could possibly have another problem in such as short time span… So, I hit it again. Four times. I gave up. It was true. The PIN that has worked for me for over 2 years suddenly one day becomes invalid.
I called Pat Hayes at Maple Lane Branch. She didn’t know but she’d call the Resource Center and get right back to me. Hanging up I felt a pang, I hoped I wasn’t the albatross around her neck. By now all First Source employees probably all have printed cards taped to their cubicles advising them to put on their best customer face and simpering voice if Laura Gekeler calls in, then write up a form 1-800-CUSTOMER-RAGE-REPORT in triplicate to send to management. So Pat probably didn’t direct me to the Resource Center herself, as she might have, but eased the pain by not transferring my call.
She calls back and I apologize for causing more trouble, to which she replied in her very down to earth way, that policy dictates the Branch rep. call the Resource Center. (whew…she’s just being her normal nice self, maybe I don’t have an alert circulating the bank about me).
But THEN she says the Resource Center tells her the system was down from 4am to 7am this morning and that any customers using their debit cards during this time now have to have their PINs reset. I said, "Pat… I couldn’t have been at that pump any earlier than 7:10am this morning." But what I really meant was, "Pat, the Resource Center doesn’t have their facts straight yet." Again.
They call this an upgrade?
The saga continues… I suppose Sunday May 4th was just the precursor …my Sunday transaction was double-dipped when the vendor on whom First Source Bank relies for its online banking system, accidentally re-applied transaction logs without pruning them. Perhaps this was in preparation for the big upgrade that took place Wed?
Can’t have been good. Today, Friday May 9th, there are still ramifications from the process that was supposed to make it possible for me to see and to use in real-time funds I transfer over the web from savings to checking… Instead, I can’t even login!
One of my past blog posts on recent customer service and information systems snafus at First Source Bank elicited this comment,
"Laura- If you don’t like your bank then leave. If you are unhappy I am sure your bank dosen’t enjoy your constant complaining about them. There are plenty of other banks in town. Just leave!
Posted by: Heather | May 22, 2008 at 03:19 PM"
Okay, Heather, here’s why I am not just leaving….
1. Of the 12 years I’ve been a First Source Bank customer, 11 of them have been very good. Before I sign the divorce papers, I’d like to try counseling first.
2. I believe some companies genuinely want to hear how they can do better and are willing to prove they can. I’m not ready yet to say First Source Bank isn’t one of them.
3. I never thought I’d need an exit strategy from my Bank, from direct deposit of paychecks and from automatic bill pay. I’ve now developed such a plan and can execute it if need be. It would suck if I had to, but I’m now prepared.