In a case that may set a precedent for liability in hacking fraud incidents, a bank in Maine has agreed to reimburse a construction company $345,000 that was lost to hackers. A court ruled that the bank’s security practices were “commercially unreasonable,” reported Wired Friday.
In 2009, hackers installed malware on construction firm Patco’s computers and stole its banking credentials to steal around $300,000. People’s United Bank has agreed to pay Patco Construction Co. all the money it lost plus interest. Although a U.S. District Court ruled that People’s United wasn’t responsible for the lost money as Patco claimed, the First Circuit Court of Appeals found the bank was responsible for an increased fraud risk and advised on the settlement.
“The case raised important questions about how much security banks and other financial institutions should be reasonably required to provide commercial customers,” noted Wired. Jeremy Kirk at ComputerWorld.com wrote that the case is “a sign that small businesses are having greater success at shifting liability toward banks in online security meltdowns, including out-of-court settlements.”