[ISN] Breach called superficial at Internet services company

From: InfoSec News (alerts@private)
Date: Sun Mar 11 2007 - 23:07:45 PST


March 10, 2007

LINCOLN, Neb. - A Lincoln-based bank says an Internet services security 
breach didn't harm any customer or any account.

A senior vice president for TierOne Bank, Ed Swotek, said Friday: "Our 
internal security procedures to prevent the compromise of any customer 
worked exactly as planned."

The bank's Internet services vendor, Digital IMS, also said none of its 
customers was harmed by what it said was a superficial breach of 
security on Friday.

Chief Technology Officer Rob Nickolaus said Digital IMS hosts parts of 
TierOne's Internet display that don't include access to accounts or any 
transaction functions.

"In one of these Web sites that we host, but not manage, there was a 
flaw in their coding that allowed this malfeasance to enter our 
environment," he said.

"Our server itself was not hacked, and it was not the Web sites we 
create that were hacked.

"We have several thousand clients, and just a handful were impacted by 
this," Nickolaus said.

Information from: Lincoln Journal Star, http://www.journalstar.com

Visit the InfoSec News Security Bookstore

This archive was generated by hypermail 2.1.3 : Sun Mar 11 2007 - 23:16:44 PST