Now, in details revealed by a lawsuit filed against Wells Fargo by the Ecuadorian bank, both banks believe that the request for the funds were triggered and stolen by unidentified hackers.
Advertisement
After the Bangladesh Bank hack, Swift authorities went on record to say that there was nothing wrong with the interbank gateway.
“We specifically remind all users to respect their obligations to immediately inform Swift of any suspected fraudulent use of their institution’s Swift connectivity”, the firm said Friday in a statement. “It is essential that you share critical security information related to SWIFT with us, “SWIFT said”. Details of another bank being victimized more than a year earlier is likely to increase those concerns, especially since overseers of the global payment system said that they were unaware of the attack.
Apart from the almost half a dozen technicians, some of them contract employees, Bangladesh has also invited senior SWIFT officials to Dhaka, said the source, who declined to be named because of the ongoing investigations. The cyber-heist took place on January 28, and the funds were sent to different accounts in Hong Kong. They were sent to Bangladesh from “around the world” in the second half of past year, it said.
Senator Tom Carper of DE requested that both answer questions and brief his staff by 17 June on how they were handling issues following the February heist, during which hackers wired money out of an account at the New York Fed held by Bank Bangladesh, as well as how they were safeguarding against other potential cyber threats. They gained access to the SWIFT messaging network. “It was, from our perspective, a customer fraud”, Gottfried Leibbrandt, CEO of SWIFT, said at a financial conference in Frankfurt last week.
SWIFT is urging partner banks to disclose similar attacks so that better defenses can be set up.
Banks use secure SWIFT messages for issuing payment instructions to each other. Unlike the Vietnam bank attack, this one was successful. According to Reuters, a year ago Wells Fargo approved at least 12 transfers worth $12 million of funds that were requested over the Swift network.
The details about this heist came to light after BDA sued Wells Fargo for failing to detect the attacks, even if the credentials were compromised on its side.
The Bangladesh hacking heist has led to tensions between the bank and Swift, which is based on the outskirts of Brussels.
Advertisement
“BDA and Wells Fargo agreed that Swift authentication was a commercially reasonable security procedure for verifying Swift payment orders”, the Wells Fargo lawyers said in their motion to dismiss the case.
