Alternative Finances

United Security Bank Settles with Cyberheist Victim Oil Company $350K

California-based oil company TRC Operating Co., Inc. has reached a settlement with United Security Bank for reimbursement funds stolen during a 2011 cyberheist on the company’s accounts.

According to Internet security blogger Brian Krebs, TRC faced a five day hijacker-attack on its corporate accounts that lasted for five days in mid-November 2011. Over the course of the heist, thieves sent nearly a dozen fraudulent wires out of the company’s operating accounts, siphoning off almost $3.5 million to the Ukraine.

USB did manage to block or reverse all but 300K of the fraudulent transactions, though that last 10 percent tipped off an argument between the two firms as to who was responsible for the lost money.

TRC argued that USB was responsible because they failed to offer a commercially reasonable security procedure.  The bank’s “user name and password” level security was simply insufficient.

“For all intents and purposes, they got a user name and password, but were never offered any other security,” said Julie Rogers, an attorney for the Dincel Law Group, the San Jose firm that represented TRC in the dispute, reports Krebs. “TRC had a cash management liaison assigned to them by the bank who assured them that this was all safe and reliable.”

Days before the case was set to go to trial, the parties settled for $350K, with neither party admitting fault.

“What’s Hot” is aggregated content. claims no responsibility for the accuracy of the content published by the original source.


New PYMNTS Report: Preventing Financial Crimes Playbook – July 2020 

Call it the great tug-of-war. Fraudsters are teaming up to form elaborate rings that work in sync to launch account takeovers. Chris Tremont, EVP at Radius Bank, tells PYMNTS that financial institutions (FIs) can beat such highly organized fraudsters at their own game. In the July 2020 Preventing Financial Crimes Playbook, Tremont lays out how.

Click to comment