The recent theft of money from the bank account of a Kolkata Trader shows clearly that loss of critical data is as critical as losing money.
From the words of times of India:-
“On June 24, someone who goes by the name Praveen Rai walked out of two branch offices of State Bank of India in Mumbai, pocketing a cool Rs 90,000 that he had allegedly siphoned off the account of a Kolkata-based trader. The crime shook not only the businessman, but also the city’s police and e-fraud experts. For, the next target could be you. Or just about anyone doing e-banking. Police are desperately looking for Rai, who is believed to be in the early 30s. They also have a photograph of him (the one he submitted to open the SBI account), but more than a month after the crime, there is no trace of him. The victim, trader Akhilesh Bagla, is probably the first from the city to have had his account hacked. But it opens the risk of a racket operating in the web world. ”
Now, if we look into the incident closely, it turns out that at some point of time, the culprits had access to the bank account details of the victim including the internet banking id and password.
How did they get access to such information?
Either the victim himself gave them the information or the information came from somewhere else. It might be suspected that, an insider trading of confidential information happened. And a usb thumb drive could have been one of the tools used by the culprits to achieve their mission. The possibility of using an email could also not be ruled out. But, most of the businesses now a days use their own in-house emailing system along with monitoring all inbound and outbound emails.
Some of our so called IT security experts comment that “I think the bank account was hacked”.
But, there is a very simple logic to make you understand that any kind of hacking or network penetration was not attempted in this case. Why would a hacker take so much pain to gain access to the gateways of SBI, penetrate into the network and then, when he has access to all the bank accounts selects only one of them to steal some 2.6 Laks of money.
So, what we conclude now is that, there was loss of information somewhere which was only limited to a particular bank account which led to this incident. And , if we want to avoid such incidents to happen in future we need to fix all our security holes both at the network level and at the end points.
![[Try]](http://dataresolve.com/images/try.png)
![[buy]](http://dataresolve.com/images/buy.png)
There is no perfect defense. The more a person resists, the more damage gets in response. Thanks for arctikle.
Dear Urba, i fully agree with you that there is no perfect defense, but, the reason companies are going for different kind of data security implementations is because at least they dont want to make everything open. Its better to have even 90% security than having zero.