Bank teller arrested for $3.2M theft

By mstie74 at 3:24 pm on February 6, 2008 | 3 Comments

A Romanian bank teller was arrested for illegally transferring $3.2M into two bank accounts by using his director’s password.  There is no detail in the article to describe how the teller acquired the director’s password but this could have been done in a myriad of different ways including shoulder surfing, brute force guessing, or social engineering.  In this case, the adversary was a trusted employee and may not have been considered a threat.

This is a great example of how adversaries can be anywhere and even the most secure systems are only as secure as the people who administer them.  All the technology we use to secure communications, systems, and data is virtually worthless when someone can acquire the necessary credentials to bypass all that.

It is important to remember that there is more to security than just encryption and buffer overflows.  Policy and user education is an equally important aspect.

Filed under: Current Events,Ethics3 Comments »


  • 1
    Get your own gravatar for comments by visiting

    Comment by Patrick Williams

    February 7, 2008 @ 1:10 pm

    there’s of course the very famous example of something similar happening here in the US. Amazing stuff…,9171,948323,00.html

  • 2
    Get your own gravatar for comments by visiting

    Comment by mstie74

    February 7, 2008 @ 4:58 pm

    That article is marked Monday, Nov. 20, 1978. It just shows how long these problems have been around and how we haven’t learned from our mistakes.

  • 3
    Get your own gravatar for comments by visiting

    Comment by geld lenen

    February 21, 2008 @ 11:28 pm

    More interesting how he got the password and how long this went on… It looked like it was later discovered then happened.

    This guy should routed his money fast to through some countries 😉

RSS feed for comments on this post